blob: 217563cad95001cc80a3d53b2e3ab523665bebaf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
|
<?xml version="1.0"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://aai-logon.switch.ch/idp/shibboleth">
<Extensions>
<mdrpi:RegistrationInfo xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" registrationAuthority="http://rr.aai.switch.ch/" registrationInstant="2012-01-26T07:24:46Z">
<mdrpi:RegistrationPolicy xml:lang="en">https://www.switch.ch/aai/federation/switchaai/metadata-registration-practice-statement.txt</mdrpi:RegistrationPolicy>
</mdrpi:RegistrationInfo>
</Extensions>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
<Extensions>
<shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">switch.ch</shibmd:Scope>
<mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
<mdui:DisplayName xml:lang="en">SWITCH</mdui:DisplayName>
<mdui:Description xml:lang="en">The SWITCH Identity Provider is used by SWITCH staff members.</mdui:Description>
<mdui:Keywords xml:lang="en">others</mdui:Keywords>
</mdui:UIInfo>
</Extensions>
<KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>
MIIDLDCCAhSgAwIBAgIJALH1hdjM5J6tMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
BAMTE2FhaS1sb2dvbi5zd2l0Y2guY2gwHhcNMTEwODE4MDkxMDE1WhcNMTQwODE4
MDkxMDE1WjAeMRwwGgYDVQQDExNhYWktbG9nb24uc3dpdGNoLmNoMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyN34o37PuK6vfsVhd9+6cvFke6a2IE9l
K0rInDIajMQn+E99p980vMT62204zrvH8JF8QA1xYpAn9XWVcAI5ptyaDNUakyn0
yccNihu7n1exFC6yBOvAs/oDgMHjhE4fmZb8X8xM/ci91M9FqV6/ZSJsU1TpIPPI
+i1dBAhHu8EeVkUpClldb8wxTCDJ0iQ0Y9Ff6dANvfhnowTs5DhaYAGg3hxgGpCT
L8LBTRK9f4yBF+cLTOWQj2H2LbDwee7dZhzo4FAIsOa3Y4gF/qB/bNM5bsdzFNI+
iLlRyzW1DyreFT6HY86wi2G+nlkMEsJEkLt2S4ihvu2OhtAVPxxbAwIDAQABo20w
azBKBgNVHREEQzBBghNhYWktbG9nb24uc3dpdGNoLmNohipodHRwczovL2FhaS1s
b2dvbi5zd2l0Y2guY2gvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFC/u+yrAyZKH
fbhFyZtApyeW6i+cMA0GCSqGSIb3DQEBBQUAA4IBAQBx/6KLyp29jxhLYfU1vHP5
QMstAwAikyfvRX4pIlFIAYjTJAgAZ+7Kni7Keng1N1DqHvL7KjMp3EbsiPqVYWqW
BWaCjw76kujxMaXDni0vPhAvLfuJH4/UuZVhhIsKO7+edd3hHl1tvXuT3CaWo+c6
hN2nTdP5TaVZ+CPQp5VVjrFUcNWefgioL3y+RPdbtBAoGtOuiGKtiOMoBOFFZIMQ
VUEhwCVbRIE1G3zSs5X50edvePGZMpbANxEwxXHnQdSUFVCxPjV8I+bo93fV11Dp
c1FacVORKSxWRMJL3kGzA8EvfzN+4mYs5JxslTdsyI0k6QssjCWq/Nk+B1RtHC/Y
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-logon.switch.ch/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-logon.switch.ch/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://aai-logon.switch.ch/idp/profile/Shibboleth/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai-logon.switch.ch/idp/profile/SAML2/Redirect/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-logon.switch.ch/idp/profile/SAML2/POST/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aai-logon.switch.ch/idp/profile/SAML2/POST-SimpleSign/SSO"/>
</IDPSSODescriptor>
<AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
<Extensions>
<shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">switch.ch</shibmd:Scope>
</Extensions>
<KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>
MIIDLDCCAhSgAwIBAgIJALH1hdjM5J6tMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
BAMTE2FhaS1sb2dvbi5zd2l0Y2guY2gwHhcNMTEwODE4MDkxMDE1WhcNMTQwODE4
MDkxMDE1WjAeMRwwGgYDVQQDExNhYWktbG9nb24uc3dpdGNoLmNoMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyN34o37PuK6vfsVhd9+6cvFke6a2IE9l
K0rInDIajMQn+E99p980vMT62204zrvH8JF8QA1xYpAn9XWVcAI5ptyaDNUakyn0
yccNihu7n1exFC6yBOvAs/oDgMHjhE4fmZb8X8xM/ci91M9FqV6/ZSJsU1TpIPPI
+i1dBAhHu8EeVkUpClldb8wxTCDJ0iQ0Y9Ff6dANvfhnowTs5DhaYAGg3hxgGpCT
L8LBTRK9f4yBF+cLTOWQj2H2LbDwee7dZhzo4FAIsOa3Y4gF/qB/bNM5bsdzFNI+
iLlRyzW1DyreFT6HY86wi2G+nlkMEsJEkLt2S4ihvu2OhtAVPxxbAwIDAQABo20w
azBKBgNVHREEQzBBghNhYWktbG9nb24uc3dpdGNoLmNohipodHRwczovL2FhaS1s
b2dvbi5zd2l0Y2guY2gvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFC/u+yrAyZKH
fbhFyZtApyeW6i+cMA0GCSqGSIb3DQEBBQUAA4IBAQBx/6KLyp29jxhLYfU1vHP5
QMstAwAikyfvRX4pIlFIAYjTJAgAZ+7Kni7Keng1N1DqHvL7KjMp3EbsiPqVYWqW
BWaCjw76kujxMaXDni0vPhAvLfuJH4/UuZVhhIsKO7+edd3hHl1tvXuT3CaWo+c6
hN2nTdP5TaVZ+CPQp5VVjrFUcNWefgioL3y+RPdbtBAoGtOuiGKtiOMoBOFFZIMQ
VUEhwCVbRIE1G3zSs5X50edvePGZMpbANxEwxXHnQdSUFVCxPjV8I+bo93fV11Dp
c1FacVORKSxWRMJL3kGzA8EvfzN+4mYs5JxslTdsyI0k6QssjCWq/Nk+B1RtHC/Y
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>
MIIFdDCCBFygAwIBAgIUMup/o7VGOkbi/2w56HVH1VLOxagwDQYJKoZIhvcNAQEF
BQAwazELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAd
BgNVBAsTFnd3dy5xdW92YWRpc2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlz
IEdsb2JhbCBTU0wgSUNBMB4XDTEyMDEwNTA5MDE1NVoXDTE0MDEwNTA5MDE1NVow
gcgxEzARBgsrBgEEAYI3PAIBAxMCQ0gxFTATBgsrBgEEAYI3PAIBAhMEQmVybjEd
MBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xGzAZBgNVBAUTEkNILTAzNS43
LjAwMS4yNzgtOTELMAkGA1UEBhMCQ0gxEDAOBgNVBAgTB1p1ZXJpY2gxEDAOBgNV
BAcTB1p1ZXJpY2gxDzANBgNVBAoTBlNXSVRDSDEcMBoGA1UEAxMTYWFpLWxvZ29u
LnN3aXRjaC5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKXJyoKM
Hw/FxSh3oZS1DLJotPa2RkvOwCdet8Rf3rLcrWn4HVqNVt/LCOfaR0msHqtH76+3
xRDvgbTa3yvg6T+9oQUDHMKJqakOMuK+zt/6upvswzx7eMJEXO6CXAWZjyubRGuj
GD/LPc80So16dolhEVtOUkT9+41mFRvRiq0Y5AKrwI2+vDXwcs6pM+AVKwfDVRAO
M6uUkObMnHR2XHtl0/Zs7BEaUHzcGcNbCSFLZlQexyzEjP7M5h4gkLKgczd4io7o
0nHGwqA29jj1mpKPJmrFX8aYwOo3BwbDYCX1Iaf59a8MjImu0cwZEzjppIJGQLIK
7+J2X7UwBANBJ0ECAwEAAaOCAbAwggGsMHQGCCsGAQUFBwEBBGgwZjAqBggrBgEF
BQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNnbG9iYWwuY29tMDgGCCsGAQUFBzAC
hixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2c3NsaWNhLmNydDBR
BgNVHSAESjBIMEYGDCsGAQQBvlgAAmQBAjA2MDQGCCsGAQUFBwIBFihodHRwOi8v
d3d3LnF1b3ZhZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5MDgGA1UdEQQxMC+CE2Fh
aS1sb2dvbi5zd2l0Y2guY2iCGHg1MDkuYWFpLWxvZ29uLnN3aXRjaC5jaDALBgNV
HQ8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB8GA1UdIwQY
MBaAFDJNoU/q8K6Ztu6bByyECBFQi+J+MDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6
Ly9jcmwucXVvdmFkaXNnbG9iYWwuY29tL3F2c3NsaWNhLmNybDAdBgNVHQ4EFgQU
K41ahJwmQTKIkscPIrSnMlieSWAwDQYJKoZIhvcNAQEFBQADggEBABlCWm8fWNmO
vgo8iQw9m6TX9gx0cMQfRs8DNlORAjrD4KWc4kOEFUfZoBOAdfR7WmNSYhmhNIkO
VItQ/+w0oUB+ddP4QTlHXCnpbksjtp9htx2JvsRIjMKOC0h/BD2IKNcy0lfcXtGD
Ltb6Xr8E5Qf+zYzQhWMd/3FIUIDEpUT1SbbP4xmBxKKoVENATLJOr6VJlm8Teeyi
afgDIHNnqggFVE4Cms5x/jnb/eGPtMqYxTyDMiNevSjMHYC3l8da1H6pEay3aDZm
4U2DLOM5DC2KkfO20jX1eGiv3ArC0aiYLOCVHxyzCu3pFa0M+SHypatfS9/4jDHB
yLC08u3bwWI=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-logon.switch.ch/idp/profile/SAML1/SOAP/AttributeQuery"/>
<AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-logon.switch.ch/idp/profile/SAML2/SOAP/AttributeQuery"/>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
</AttributeAuthorityDescriptor>
<Organization>
<OrganizationName xml:lang="en">switch.ch</OrganizationName>
<OrganizationDisplayName xml:lang="en">SWITCH</OrganizationDisplayName>
<OrganizationURL xml:lang="en">http://www.switch.ch/</OrganizationURL>
</Organization>
<ContactPerson contactType="technical">
<GivenName>SWITCHaai</GivenName>
<SurName>Team</SurName>
<EmailAddress>aai@switch.ch</EmailAddress>
<TelephoneNumber>+41 44 268 1505</TelephoneNumber>
</ContactPerson>
</EntityDescriptor>
|