1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
|
<?xml version="1.0"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.dfn.de/idp/shibboleth">
<IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<saml1md:Scope xmlns:saml1md="urn:mace:shibboleth:metadata:1.0" regexp="false">dfn.de</saml1md:Scope>
</Extensions>
<KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>idp.dfn.de</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=idp.dfn.de,OU=Geschaeftsstelle,O=DFN-Verein,C=DE</ds:X509SubjectName>
<ds:X509Certificate>MIIFCzCCA/OgAwIBAgIEDR/jMzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJE
RTETMBEGA1UEChMKREZOLVZlcmVpbjEZMBcGA1UECxMQR2VzY2hhZWZ0c3N0ZWxs
ZTEfMB0GA1UEAxMWREZOLVZlcmVpbi1HUy1DQSAtIEcwMjAeFw0wODEwMjMxMTUz
MDdaFw0xMzEwMjIxMTUzMDdaMFIxCzAJBgNVBAYTAkRFMRMwEQYDVQQKEwpERk4t
VmVyZWluMRkwFwYDVQQLExBHZXNjaGFlZnRzc3RlbGxlMRMwEQYDVQQDEwppZHAu
ZGZuLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTWL0k7ANsvg
boiSQK6IbJXcuxb4lrcs3uKdJvQlKAH4oWu/oY+g/xqERlOqftjL3g36F979O+pF
567VjG40X2XULfZ/BnKlk5nFPshgUUAY1d5ppc7QooyBWdISIyfxjEX9DKlFJ9P4
TflqX6m9jWxx8nXokP5foewJrV5HpxYsv1W6t0AbxN4PB8rr60g2ip7ZH9Cu6Rh4
EsG0kxhV59jewU8re0nRaRFl8Lgarj8EHTHq55C1N0tZyChmxnGYOsDX/bhon4KY
6wHP94fTUN5O3z+cd4drDD+rfRBq/6sLVLfYz9rn5b0MFsglTrneaLEA46iVHt8L
o0G5etpxAQIDAQABo4IB2zCCAdcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYD
VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBRQGdtpn+tg3/5k
wx6PG/fkY367+zAfBgNVHSMEGDAWgBR5omIvzvEGOVLndm1ix96banVLSTAdBgNV
HREEFjAUgRJob3RsaW5lQGFhaS5kZm4uZGUwgZEGA1UdHwSBiTCBhjBBoD+gPYY7
aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tdmVyZWluLWdzLWNhL3B1Yi9jcmwv
Z19jYWNybC5jcmwwQaA/oD2GO2h0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLXZl
cmVpbi1ncy1jYS9wdWIvY3JsL2dfY2FjcmwuY3JsMIGqBggrBgEFBQcBAQSBnTCB
mjBLBggrBgEFBQcwAoY/aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tdmVyZWlu
LWdzLWNhL3B1Yi9jYWNlcnQvZ19jYWNlcnQuY3J0MEsGCCsGAQUFBzAChj9odHRw
Oi8vY2RwMi5wY2EuZGZuLmRlL2Rmbi12ZXJlaW4tZ3MtY2EvcHViL2NhY2VydC9n
X2NhY2VydC5jcnQwDQYJKoZIhvcNAQEFBQADggEBAMVD5IkagXQC9CeMLaumWt9r
6smb/4qonPlNUACp3Dbr/QAnZvNj6haJgGKJ7YpFnijXaq6AtsMUsQ3iOLjHodDP
IhGUv0Q+GuuSr+jmNsRST81UkrJm+wUk5R3jQMTOIWD3qdqV7g4y5xZB/7Xt1ItJ
wLNyazdIM4hRjJOwMA7asa0O09Cf/iwHuCo5SAFgfj4Y3RUe80A07rIQkZKXkumV
1PbZw1Cy1bYxzecOAzRI1rSivyDMPW0YC79qCB/8QssLbU8pjfyfBNQui28ZkIst
3wRjq+vPHe87TOxiDI4QR9IBwMIk6zTL67iH35se5LUp+qdvAtWBLf0/iYNwVWY=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>idp.dfn.de</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=idp.dfn.de,OU=Geschaeftsstelle,O=DFN-Verein,C=DE</ds:X509SubjectName>
<ds:X509Certificate>MIIFCzCCA/OgAwIBAgIEDR/jMzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJE
RTETMBEGA1UEChMKREZOLVZlcmVpbjEZMBcGA1UECxMQR2VzY2hhZWZ0c3N0ZWxs
ZTEfMB0GA1UEAxMWREZOLVZlcmVpbi1HUy1DQSAtIEcwMjAeFw0wODEwMjMxMTUz
MDdaFw0xMzEwMjIxMTUzMDdaMFIxCzAJBgNVBAYTAkRFMRMwEQYDVQQKEwpERk4t
VmVyZWluMRkwFwYDVQQLExBHZXNjaGFlZnRzc3RlbGxlMRMwEQYDVQQDEwppZHAu
ZGZuLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTWL0k7ANsvg
boiSQK6IbJXcuxb4lrcs3uKdJvQlKAH4oWu/oY+g/xqERlOqftjL3g36F979O+pF
567VjG40X2XULfZ/BnKlk5nFPshgUUAY1d5ppc7QooyBWdISIyfxjEX9DKlFJ9P4
TflqX6m9jWxx8nXokP5foewJrV5HpxYsv1W6t0AbxN4PB8rr60g2ip7ZH9Cu6Rh4
EsG0kxhV59jewU8re0nRaRFl8Lgarj8EHTHq55C1N0tZyChmxnGYOsDX/bhon4KY
6wHP94fTUN5O3z+cd4drDD+rfRBq/6sLVLfYz9rn5b0MFsglTrneaLEA46iVHt8L
o0G5etpxAQIDAQABo4IB2zCCAdcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYD
VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBRQGdtpn+tg3/5k
wx6PG/fkY367+zAfBgNVHSMEGDAWgBR5omIvzvEGOVLndm1ix96banVLSTAdBgNV
HREEFjAUgRJob3RsaW5lQGFhaS5kZm4uZGUwgZEGA1UdHwSBiTCBhjBBoD+gPYY7
aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tdmVyZWluLWdzLWNhL3B1Yi9jcmwv
Z19jYWNybC5jcmwwQaA/oD2GO2h0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLXZl
cmVpbi1ncy1jYS9wdWIvY3JsL2dfY2FjcmwuY3JsMIGqBggrBgEFBQcBAQSBnTCB
mjBLBggrBgEFBQcwAoY/aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tdmVyZWlu
LWdzLWNhL3B1Yi9jYWNlcnQvZ19jYWNlcnQuY3J0MEsGCCsGAQUFBzAChj9odHRw
Oi8vY2RwMi5wY2EuZGZuLmRlL2Rmbi12ZXJlaW4tZ3MtY2EvcHViL2NhY2VydC9n
X2NhY2VydC5jcnQwDQYJKoZIhvcNAQEFBQADggEBAMVD5IkagXQC9CeMLaumWt9r
6smb/4qonPlNUACp3Dbr/QAnZvNj6haJgGKJ7YpFnijXaq6AtsMUsQ3iOLjHodDP
IhGUv0Q+GuuSr+jmNsRST81UkrJm+wUk5R3jQMTOIWD3qdqV7g4y5xZB/7Xt1ItJ
wLNyazdIM4hRjJOwMA7asa0O09Cf/iwHuCo5SAFgfj4Y3RUe80A07rIQkZKXkumV
1PbZw1Cy1bYxzecOAzRI1rSivyDMPW0YC79qCB/8QssLbU8pjfyfBNQui28ZkIst
3wRjq+vPHe87TOxiDI4QR9IBwMIk6zTL67iH35se5LUp+qdvAtWBLf0/iYNwVWY=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.dfn.de:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.dfn.de:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.dfn.de/idp/profile/Shibboleth/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.dfn.de/idp/profile/SAML2/POST/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.dfn.de/idp/profile/SAML2/POST-SimpleSign/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.dfn.de/idp/profile/SAML2/Redirect/SSO"/>
</IDPSSODescriptor>
<AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<saml1md:Scope xmlns:saml1md="urn:mace:shibboleth:metadata:1.0" regexp="false">dfn.de</saml1md:Scope>
</Extensions>
<KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>idp.dfn.de</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=idp.dfn.de,OU=Geschaeftsstelle,O=DFN-Verein,C=DE</ds:X509SubjectName>
<ds:X509Certificate>MIIFCzCCA/OgAwIBAgIEDR/jMzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJE
RTETMBEGA1UEChMKREZOLVZlcmVpbjEZMBcGA1UECxMQR2VzY2hhZWZ0c3N0ZWxs
ZTEfMB0GA1UEAxMWREZOLVZlcmVpbi1HUy1DQSAtIEcwMjAeFw0wODEwMjMxMTUz
MDdaFw0xMzEwMjIxMTUzMDdaMFIxCzAJBgNVBAYTAkRFMRMwEQYDVQQKEwpERk4t
VmVyZWluMRkwFwYDVQQLExBHZXNjaGFlZnRzc3RlbGxlMRMwEQYDVQQDEwppZHAu
ZGZuLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTWL0k7ANsvg
boiSQK6IbJXcuxb4lrcs3uKdJvQlKAH4oWu/oY+g/xqERlOqftjL3g36F979O+pF
567VjG40X2XULfZ/BnKlk5nFPshgUUAY1d5ppc7QooyBWdISIyfxjEX9DKlFJ9P4
TflqX6m9jWxx8nXokP5foewJrV5HpxYsv1W6t0AbxN4PB8rr60g2ip7ZH9Cu6Rh4
EsG0kxhV59jewU8re0nRaRFl8Lgarj8EHTHq55C1N0tZyChmxnGYOsDX/bhon4KY
6wHP94fTUN5O3z+cd4drDD+rfRBq/6sLVLfYz9rn5b0MFsglTrneaLEA46iVHt8L
o0G5etpxAQIDAQABo4IB2zCCAdcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYD
VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBRQGdtpn+tg3/5k
wx6PG/fkY367+zAfBgNVHSMEGDAWgBR5omIvzvEGOVLndm1ix96banVLSTAdBgNV
HREEFjAUgRJob3RsaW5lQGFhaS5kZm4uZGUwgZEGA1UdHwSBiTCBhjBBoD+gPYY7
aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tdmVyZWluLWdzLWNhL3B1Yi9jcmwv
Z19jYWNybC5jcmwwQaA/oD2GO2h0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLXZl
cmVpbi1ncy1jYS9wdWIvY3JsL2dfY2FjcmwuY3JsMIGqBggrBgEFBQcBAQSBnTCB
mjBLBggrBgEFBQcwAoY/aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tdmVyZWlu
LWdzLWNhL3B1Yi9jYWNlcnQvZ19jYWNlcnQuY3J0MEsGCCsGAQUFBzAChj9odHRw
Oi8vY2RwMi5wY2EuZGZuLmRlL2Rmbi12ZXJlaW4tZ3MtY2EvcHViL2NhY2VydC9n
X2NhY2VydC5jcnQwDQYJKoZIhvcNAQEFBQADggEBAMVD5IkagXQC9CeMLaumWt9r
6smb/4qonPlNUACp3Dbr/QAnZvNj6haJgGKJ7YpFnijXaq6AtsMUsQ3iOLjHodDP
IhGUv0Q+GuuSr+jmNsRST81UkrJm+wUk5R3jQMTOIWD3qdqV7g4y5xZB/7Xt1ItJ
wLNyazdIM4hRjJOwMA7asa0O09Cf/iwHuCo5SAFgfj4Y3RUe80A07rIQkZKXkumV
1PbZw1Cy1bYxzecOAzRI1rSivyDMPW0YC79qCB/8QssLbU8pjfyfBNQui28ZkIst
3wRjq+vPHe87TOxiDI4QR9IBwMIk6zTL67iH35se5LUp+qdvAtWBLf0/iYNwVWY=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>idp.dfn.de</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=idp.dfn.de,OU=Geschaeftsstelle,O=DFN-Verein,C=DE</ds:X509SubjectName>
<ds:X509Certificate>MIIFCzCCA/OgAwIBAgIEDR/jMzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJE
RTETMBEGA1UEChMKREZOLVZlcmVpbjEZMBcGA1UECxMQR2VzY2hhZWZ0c3N0ZWxs
ZTEfMB0GA1UEAxMWREZOLVZlcmVpbi1HUy1DQSAtIEcwMjAeFw0wODEwMjMxMTUz
MDdaFw0xMzEwMjIxMTUzMDdaMFIxCzAJBgNVBAYTAkRFMRMwEQYDVQQKEwpERk4t
VmVyZWluMRkwFwYDVQQLExBHZXNjaGFlZnRzc3RlbGxlMRMwEQYDVQQDEwppZHAu
ZGZuLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTWL0k7ANsvg
boiSQK6IbJXcuxb4lrcs3uKdJvQlKAH4oWu/oY+g/xqERlOqftjL3g36F979O+pF
567VjG40X2XULfZ/BnKlk5nFPshgUUAY1d5ppc7QooyBWdISIyfxjEX9DKlFJ9P4
TflqX6m9jWxx8nXokP5foewJrV5HpxYsv1W6t0AbxN4PB8rr60g2ip7ZH9Cu6Rh4
EsG0kxhV59jewU8re0nRaRFl8Lgarj8EHTHq55C1N0tZyChmxnGYOsDX/bhon4KY
6wHP94fTUN5O3z+cd4drDD+rfRBq/6sLVLfYz9rn5b0MFsglTrneaLEA46iVHt8L
o0G5etpxAQIDAQABo4IB2zCCAdcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYD
VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBRQGdtpn+tg3/5k
wx6PG/fkY367+zAfBgNVHSMEGDAWgBR5omIvzvEGOVLndm1ix96banVLSTAdBgNV
HREEFjAUgRJob3RsaW5lQGFhaS5kZm4uZGUwgZEGA1UdHwSBiTCBhjBBoD+gPYY7
aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tdmVyZWluLWdzLWNhL3B1Yi9jcmwv
Z19jYWNybC5jcmwwQaA/oD2GO2h0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLXZl
cmVpbi1ncy1jYS9wdWIvY3JsL2dfY2FjcmwuY3JsMIGqBggrBgEFBQcBAQSBnTCB
mjBLBggrBgEFBQcwAoY/aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tdmVyZWlu
LWdzLWNhL3B1Yi9jYWNlcnQvZ19jYWNlcnQuY3J0MEsGCCsGAQUFBzAChj9odHRw
Oi8vY2RwMi5wY2EuZGZuLmRlL2Rmbi12ZXJlaW4tZ3MtY2EvcHViL2NhY2VydC9n
X2NhY2VydC5jcnQwDQYJKoZIhvcNAQEFBQADggEBAMVD5IkagXQC9CeMLaumWt9r
6smb/4qonPlNUACp3Dbr/QAnZvNj6haJgGKJ7YpFnijXaq6AtsMUsQ3iOLjHodDP
IhGUv0Q+GuuSr+jmNsRST81UkrJm+wUk5R3jQMTOIWD3qdqV7g4y5xZB/7Xt1ItJ
wLNyazdIM4hRjJOwMA7asa0O09Cf/iwHuCo5SAFgfj4Y3RUe80A07rIQkZKXkumV
1PbZw1Cy1bYxzecOAzRI1rSivyDMPW0YC79qCB/8QssLbU8pjfyfBNQui28ZkIst
3wRjq+vPHe87TOxiDI4QR9IBwMIk6zTL67iH35se5LUp+qdvAtWBLf0/iYNwVWY=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.dfn.de:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
<AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.dfn.de:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
</AttributeAuthorityDescriptor>
<Organization>
<OrganizationName xml:lang="de">Verein zur Förderung eines Deutschen Forschungsnetzes e. V.</OrganizationName>
<OrganizationDisplayName xml:lang="de">Verein zur Förderung eines Deutschen Forschungsnetzes e. V.</OrganizationDisplayName>
<OrganizationURL xml:lang="de">http://www.dfn.de</OrganizationURL>
</Organization>
<ContactPerson contactType="administrative">
<GivenName>Ulrich</GivenName>
<SurName>Kähler</SurName>
<EmailAddress>kaehler@dfn.de</EmailAddress>
</ContactPerson>
<ContactPerson contactType="technical">
<GivenName>Raoul</GivenName>
<SurName>Borenius</SurName>
<EmailAddress>hotline@aai.dfn.de</EmailAddress>
</ContactPerson>
</EntityDescriptor>
|
