Idea ID: 2872788

Metadata elements for REFEDS and SIRTFI

Status : New Idea

As a part of WAYF, EduGain etc. we need to be In compliance to SIRTFI for our users to be able to login and we already see trouble.

 

REF: https://wiki.refeds.org/display/SIRTFI/Guide+for+Federation+Participants

To comply to SIRTFI we need to add elements to our metadata like the ones here below but we need full compliance, so please look at the Ref. above . 

<md:ContactPerson xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"

      contactType="other"

      remd:contactType="http://refeds.org/metadata/contactType/security"

      xmlns:remd="http://refeds.org/metadata">

  <md:GivenName>Security Response Team</md:GivenName>

  <md:EmailAddress>mailto:security@xxxxxxxxxxxxxxx</md:EmailAddress>

</md:ContactPerson>

 

<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ...>

  <md:Extensions>

    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">

      <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"

            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

            Name="urn:oasis:names:tc:SAML:attribute:assurance-certification">

        <saml:AttributeValue>https://refeds.org/sirtfi</saml:AttributeValue>

      </saml:Attribute>

    </mdattr:EntityAttributes>

  </md:Extensions>

  ...

</md:EntityDescriptor>

 

 

Labels:

Configuration