[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: RSA SAML Interop technical issues
All, Please find attached metadata files of NTT. I have changed them so that our implementations (IDP and SP) would use certificates that are provided during the dry-run event. Endpoint has not been changed since the dry-run event. Thanks and best regards, Yuzo Ciochon, Robert wrote: > Hi, > During the dry run we were able to assemble the metadata for all vendors > who are participating. If you have had to change your metadata since > the dry run, please send it out to the list so everyone can maintain a > current version for their providers. This will be one less step that > will need to be done at show setup. Note that some vendors were running > without SSL at the dry run. If you were one of them, SSL will be > required for the show and your metadata will need to change. > > A few items came up during the dry run that were accomodated, but in the > interest of a smoother show setup everyone wanted standardized. Please > respond if you disagree with the proposed requirements for the SAML Interop: > > * RelayState in an idP initiated SSO - This varied between vendors, > with some passing a valid URL, others sending an empty string, > others not sending it at all and still others using a special > string. The concensus of those on the conference call today was > to specify that the RelayState is optional, but if sent, it MUST > be a valid URL. > * XML signature KeyInfo element - Some vendors were failing if an > XML sig was sent without having the key embedded in the KeyInfo > element. The concensus on the call was to have it optional if > the KeyInfo is sent and not have it required by any vendor. > * Signing AuthnRequest - The Metadata standard provides for separate > settings for idP and SP on whether an AuthnRequest should be > signed, and they can conflict (the SP metadata specifying don't > sign it, the idP specifying it must be signed). The concensus on > the call was to leave it up to the SP to specify if the > AuthnRequest was signed, and the idP would not have a preference. > However, it appears from the spec this can't be set for the idP > (it requires either always or never signed), so instead, the > requirement is that all AuthnRequests will be signed. > > Please respond as soon as possible to the above issues, as a decision > will be put in writing on Friday. > Regards, > Bob > > Robert Ciochon > eTrust Development Manager > Computer Associates > San Diego, California > (858) 625-6866 > robert.ciochon@ca.com > -- Yuzo Koga <koga.yuzo@lab.ntt.co.jp> NTT Information Sharing Platform Labs. tel: +81 422 59 3202, fax: +81 422 59 5659, aim: yzkoga
<?xml version="1.0" encoding="UTF-8"?> <saml2md:EntityDescriptor ID="NTTDEDCB121E2F76370655CB6D80F16408C" entityID="https://d-idp.liberty-iop.org:8443/idp/saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:Signature xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:SignedInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <ds:Reference URI="#NTTDEDCB121E2F76370655CB6D80F16408C" xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:Transforms xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <ds:DigestValue xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">G5316OeHhf2u0/vz0hz/410Y670=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> UZb6ApppTrAOdZ/hrueA6Wqjv8qQafDQOcaEFTnK/POLyqiiacpq8TzSJTpFyR8wVcRJYZtVFSSb XaNYqyG8WLhErN30k4nDIVdWnB5MATOhPzhiRh12yN9echfGPfMHcrR/i79oV21vmW/9dk1WqRee RFJsybeg3r9w4VRgk8c= </ds:SignatureValue> </ds:Signature> <saml2md:IDPSSODescriptor WantAuthnRequestsSigned="1" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <saml2md:KeyDescriptor use="signing" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:KeyInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:X509Data xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:X509Certificate xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> MIICqjCCAZKgAwIBAgIBDjANBgkqhkiG9w0BAQUFADAhMRIwEAYDVQQKEwlTQU1MIERlbW8xCzAJ BgNVBAMTAkNBMB4XDTA1MDIwMjE5NDkwMFoXDTA2MDIwMjE5NDkwMFowODEWMBQGA1UEChMNTlRU IFNpZ25hdHVyZTEeMBwGA1UEAxMVZC1pZHAubGliZXJ0eS1pb3Aub3JnMIGfMA0GCSqGSIb3DQEB AQUAA4GNADCBiQKBgQCyRIsUsYtPPL8GLXiMhLy2ibtgVV4lbSq4Ud4n08rs0ICDv11GTaSos26+ Q4Ipc5ZWSV0mroq8XZQ9FuWK9dwk6EZY8kODyL/XEajvlKe4y9bhwos5Pte0/JkxBR1VyCdx1tI6 OxaUSCMLZYpzI58csWGb6DgpkjQHypDnJryKdQIDAQABo1owWDAdBgNVHQ4EFgQUgDhRpgMNJeqi fl/bl12TJ9K3XcEwHwYDVR0jBBgwFoAUZFb1bRyyvdicdcD0mR0n6ARdeykwCQYDVR0TBAIwADAL BgNVHQ8EBAMCB4AwDQYJKoZIhvcNAQEFBQADggEBAKd/7gFt11Ifw3mYAycMX31grPQbrdWv6EYM 2yxnIVFJwsDN0OnRtbNyUDawqPz0BJs0vA4aOVRlztWgCJb9XH6tP3U5QuEQJtx40iFi7t3Ym0tI usgm7C9zxKxn4QOx8WWx404YqvWXiLSZWwi2E3SvCi2alWmip2SeRUFHdJHZZz8GZAr6mTjvBQ7Y twaiQzpZ4mTnJCXr0GNaMTUEvkKr2PKp7uWpQgXCKOJ6I+ZceSHsjoDJzyrMEpaMeKy9e6GKXQGx wu4/T5T9y5YQlJn9IS94sUubjeROu7qQ0ZFmpDiVrKgE3NtDF8KTFQeqE1qZYt4ZVREr7X7enhA0 CPs= </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </saml2md:KeyDescriptor> <saml2md:KeyDescriptor use="encryption" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:KeyInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:X509Data xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:X509Certificate xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> MIICDDCCAXWgAwIBAgIBYTANBgkqhkiG9w0BAQQFADA1MQswCQYDVQQGEwJVUzEUMBIGA1UEChML TGliZXJ0eSBJT1AxEDAOBgNVBAMTB1Rlc3QgQ0EwHhcNMDQxMTI5MTQ0MjM1WhcNMDUxMTI5MTQ0 MjM1WjBHMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPTGliZXJ0eSBJT1AtZW5jMR4wHAYDVQQDExVk LWlkcC5saWJlcnR5LWlvcC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ9uqfhS7VA0 kZJpn3f/aTdfrF0fBX38C95S+4RjxsJ34AebqriySMEaR4JUO3ohHqSmk9J4+Tfb54gqvF/t+1L8 IvVVisZccz43mZ288xjj9a03TDCvz0Cgq+V8/92bBI4MshSv1ARcyLkH/wv6DySIKcD+maKyo6zn f0cJX/QHAgMBAAGjGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgUgMA0GCSqGSIb3DQEBBAUAA4GB AG7ymkHMlWdVmrbVcqkzDEiM7Ehszfv9FlbQvid4DKMTJ7qGLh2LDaf83a8hjDCRUYumn/ghCZwd gNuzGJAhoa30VXCc4nTM6BWLfZae2rdZEO6wGTg93eIS4DcO+hjxfBLlMSijoc76X4pc+tiDRriZ T/pPiu2/vOk/Qh3yReiM </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </saml2md:KeyDescriptor> <saml2md:Organization xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <saml2md:OrganizationName xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NIPPON TELEGRAPH AND TELEPHONE CORPORATION</saml2md:OrganizationName> <saml2md:OrganizationDisplayName xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NTT</saml2md:OrganizationDisplayName> <saml2md:OrganizationURL xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">http://www.ntt.co.jp</saml2md:OrganizationURL> </saml2md:Organization> <saml2md:ContactPerson contactType="other" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <saml2md:Company xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NTT</saml2md:Company> <saml2md:GivenName xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">Yuzo</saml2md:GivenName> <saml2md:SurName xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">Koga</saml2md:SurName> <saml2md:EmailAddress xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">koga.yuzo@lab.ntt.co.jp</saml2md:EmailAddress> <saml2md:EmailAddress xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">yzkoga@aol.com</saml2md:EmailAddress> <saml2md:TelephoneNumber xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">+81 422 59 3202</saml2md:TelephoneNumber> </saml2md:ContactPerson> <saml2md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://d-idp.liberty-iop.org:8443/idp/services/soap" index="0" isDefault="1" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://d-idp.liberty-iop.org:8443/idp/logoutreq_redirect_saml20" ResponseLocation="https://d-idp.liberty-iop.org:8443/idp/logoutres_redirect_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://d-idp.liberty-iop.org:8443/idp/logoutreq_artifact_saml20" ResponseLocation="https://d-idp.liberty-iop.org:8443/idp/logoutres_artifact_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://d-idp.liberty-iop.org:8443/idp/logoutreq_post_saml20" ResponseLocation="https://d-idp.liberty-iop.org:8443/idp/logoutres_post_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://d-idp.liberty-iop.org:8443/idp/services/soap" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://d-idp.liberty-iop.org:8443/idp/managereq_redirect_saml20" ResponseLocation="https://d-idp.liberty-iop.org:8443/idp/manageres_redirect_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://d-idp.liberty-iop.org:8443/idp/managereq_artifact_saml20" ResponseLocation="https://d-idp.liberty-iop.org:8443/idp/manageres_artifact_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://d-idp.liberty-iop.org:8443/idp/managereq_post_saml20" ResponseLocation="https://d-idp.liberty-iop.org:8443/idp/manageres_post_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://d-idp.liberty-iop.org:8443/idp/services/soap" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://d-idp.liberty-iop.org:8443/idp/authn_redirect_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://d-idp.liberty-iop.org:8443/idp/authn_artifact_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://d-idp.liberty-iop.org:8443/idp/authn_post_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> </saml2md:IDPSSODescriptor> <saml2md:AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <saml2md:KeyDescriptor use="signing" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:KeyInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:X509Data xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:X509Certificate xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> MIICqjCCAZKgAwIBAgIBDjANBgkqhkiG9w0BAQUFADAhMRIwEAYDVQQKEwlTQU1MIERlbW8xCzAJ BgNVBAMTAkNBMB4XDTA1MDIwMjE5NDkwMFoXDTA2MDIwMjE5NDkwMFowODEWMBQGA1UEChMNTlRU IFNpZ25hdHVyZTEeMBwGA1UEAxMVZC1pZHAubGliZXJ0eS1pb3Aub3JnMIGfMA0GCSqGSIb3DQEB AQUAA4GNADCBiQKBgQCyRIsUsYtPPL8GLXiMhLy2ibtgVV4lbSq4Ud4n08rs0ICDv11GTaSos26+ Q4Ipc5ZWSV0mroq8XZQ9FuWK9dwk6EZY8kODyL/XEajvlKe4y9bhwos5Pte0/JkxBR1VyCdx1tI6 OxaUSCMLZYpzI58csWGb6DgpkjQHypDnJryKdQIDAQABo1owWDAdBgNVHQ4EFgQUgDhRpgMNJeqi fl/bl12TJ9K3XcEwHwYDVR0jBBgwFoAUZFb1bRyyvdicdcD0mR0n6ARdeykwCQYDVR0TBAIwADAL BgNVHQ8EBAMCB4AwDQYJKoZIhvcNAQEFBQADggEBAKd/7gFt11Ifw3mYAycMX31grPQbrdWv6EYM 2yxnIVFJwsDN0OnRtbNyUDawqPz0BJs0vA4aOVRlztWgCJb9XH6tP3U5QuEQJtx40iFi7t3Ym0tI usgm7C9zxKxn4QOx8WWx404YqvWXiLSZWwi2E3SvCi2alWmip2SeRUFHdJHZZz8GZAr6mTjvBQ7Y twaiQzpZ4mTnJCXr0GNaMTUEvkKr2PKp7uWpQgXCKOJ6I+ZceSHsjoDJzyrMEpaMeKy9e6GKXQGx wu4/T5T9y5YQlJn9IS94sUubjeROu7qQ0ZFmpDiVrKgE3NtDF8KTFQeqE1qZYt4ZVREr7X7enhA0 CPs= </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </saml2md:KeyDescriptor> <saml2md:KeyDescriptor use="encryption" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:KeyInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:X509Data xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:X509Certificate xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> MIICDDCCAXWgAwIBAgIBYTANBgkqhkiG9w0BAQQFADA1MQswCQYDVQQGEwJVUzEUMBIGA1UEChML TGliZXJ0eSBJT1AxEDAOBgNVBAMTB1Rlc3QgQ0EwHhcNMDQxMTI5MTQ0MjM1WhcNMDUxMTI5MTQ0 MjM1WjBHMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPTGliZXJ0eSBJT1AtZW5jMR4wHAYDVQQDExVk LWlkcC5saWJlcnR5LWlvcC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ9uqfhS7VA0 kZJpn3f/aTdfrF0fBX38C95S+4RjxsJ34AebqriySMEaR4JUO3ohHqSmk9J4+Tfb54gqvF/t+1L8 IvVVisZccz43mZ288xjj9a03TDCvz0Cgq+V8/92bBI4MshSv1ARcyLkH/wv6DySIKcD+maKyo6zn f0cJX/QHAgMBAAGjGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgUgMA0GCSqGSIb3DQEBBAUAA4GB AG7ymkHMlWdVmrbVcqkzDEiM7Ehszfv9FlbQvid4DKMTJ7qGLh2LDaf83a8hjDCRUYumn/ghCZwd gNuzGJAhoa30VXCc4nTM6BWLfZae2rdZEO6wGTg93eIS4DcO+hjxfBLlMSijoc76X4pc+tiDRriZ T/pPiu2/vOk/Qh3yReiM </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </saml2md:KeyDescriptor> <saml2md:Organization xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <saml2md:OrganizationName xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NIPPON TELEGRAPH AND TELEPHONE CORPORATION</saml2md:OrganizationName> <saml2md:OrganizationDisplayName xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NTT</saml2md:OrganizationDisplayName> <saml2md:OrganizationURL xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">http://www.ntt.co.jp</saml2md:OrganizationURL> </saml2md:Organization> <saml2md:ContactPerson contactType="other" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <saml2md:Company xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NTT</saml2md:Company> <saml2md:GivenName xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">Yuzo</saml2md:GivenName> <saml2md:SurName xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">Koga</saml2md:SurName> <saml2md:EmailAddress xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">koga.yuzo@lab.ntt.co.jp</saml2md:EmailAddress> <saml2md:EmailAddress xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">yzkoga@aol.com</saml2md:EmailAddress> <saml2md:TelephoneNumber xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">+81 422 59 3202</saml2md:TelephoneNumber> </saml2md:ContactPerson> <saml2md:AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://d-idp.liberty-iop.org:8443/idp/services/soap" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> </saml2md:AttributeAuthorityDescriptor> </saml2md:EntityDescriptor>
<?xml version="1.0" encoding="UTF-8"?> <saml2md:EntityDescriptor ID="NTT970945AC8C8A6094FCEB9A952141F74B" entityID="https://d-sp.liberty-iop.org:8443/sp2/saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:Signature xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:SignedInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <ds:Reference URI="#NTT970945AC8C8A6094FCEB9A952141F74B" xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:Transforms xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <ds:DigestValue xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">V+gyNDgdlpkSPQf0hXZV71poOV8=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> HbI5cYxzHKDH0BAl5gsdQNaFSAuYvfoQ6W3cVp4raQZzgUsy7uOzpc5iF2yCj3so95FDW0yHoW0E hmcOtWMw3VuaMIKM7AVQhKW+xgIl/W3rdL9GSMvKuvANAaMn5aWUdoxQjvjGyi6NWxkn0srmxklN KzNPVB6qvw+Fs15+Lp0= </ds:SignatureValue> </ds:Signature> <saml2md:SPSSODescriptor AuthnRequestsSigned="1" WantAssertionsSigned="1" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:2.0:protocol" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <saml2md:KeyDescriptor use="signing" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:KeyInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:X509Data xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:X509Certificate xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> MIICqTCCAZGgAwIBAgIBEDANBgkqhkiG9w0BAQUFADAhMRIwEAYDVQQKEwlTQU1MIERlbW8xCzAJ BgNVBAMTAkNBMB4XDTA1MDIwMjE5NDkwMVoXDTA2MDIwMjE5NDkwMVowNzEWMBQGA1UEChMNTlRU IFNpZ25hdHVyZTEdMBsGA1UEAxMUZC1zcC5saWJlcnR5LWlvcC5vcmcwgZ8wDQYJKoZIhvcNAQEB BQADgY0AMIGJAoGBAMNKkPjrbVfgx1jyFD6Iisz4GrVwkSksODL8oaIw/BgqeWC5hfHWpNAYhQkI ZtXQHtHFK+yCNqQ4cPQlPEyvvUofqm6Ntipdjdaawwde1U+PdC2M4YpUiDS2JWpA8qH5XCElhcDZ 80GeCFuf7m/Xaohz0TiYlm/y+XZlpdAEz35VAgMBAAGjWjBYMB0GA1UdDgQWBBQqIcUykinWjbPV cv+fLC6fWW+BZTAfBgNVHSMEGDAWgBRkVvVtHLK92Jx1wPSZHSfoBF17KTAJBgNVHRMEAjAAMAsG A1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOCAQEAm+8TpXiE4P8uYbADr6kTCVpEP888kIm19KnS B7TMFn5wWmNV767uWVG+kV+KsqS1WfM98PyaJ+EM8Qby8Ou9nvF3wfvfYf/CgwggdVb7MFSyFg5v clIcqfxYV9TpeyQKBNU8L/97DKFDJlBaIfaEQofVEGbDHtAVAvcB1hDA0W3qRIOMCqcQ58FLHt01 TWpf86zO5yE9uIyOHh4CWM07clauOQkB0emG7R5gAW3SZOK52nzjZXlZNNAOzC5y0DuruqTd03r2 CYAzmsn85EkrxnLvLWsWKAiGU4ISy7cnKJ4Gi1cgAyzLBdgPo08oPgfKhG1McrYT9DLZyH1DuZUa Ew== </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </saml2md:KeyDescriptor> <saml2md:KeyDescriptor use="encryption" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:KeyInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:X509Data xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <ds:X509Certificate xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> MIICqTCCAZGgAwIBAgIBEDANBgkqhkiG9w0BAQUFADAhMRIwEAYDVQQKEwlTQU1MIERlbW8xCzAJ BgNVBAMTAkNBMB4XDTA1MDIwMjE5NDkwMVoXDTA2MDIwMjE5NDkwMVowNzEWMBQGA1UEChMNTlRU IFNpZ25hdHVyZTEdMBsGA1UEAxMUZC1zcC5saWJlcnR5LWlvcC5vcmcwgZ8wDQYJKoZIhvcNAQEB BQADgY0AMIGJAoGBAMNKkPjrbVfgx1jyFD6Iisz4GrVwkSksODL8oaIw/BgqeWC5hfHWpNAYhQkI ZtXQHtHFK+yCNqQ4cPQlPEyvvUofqm6Ntipdjdaawwde1U+PdC2M4YpUiDS2JWpA8qH5XCElhcDZ 80GeCFuf7m/Xaohz0TiYlm/y+XZlpdAEz35VAgMBAAGjWjBYMB0GA1UdDgQWBBQqIcUykinWjbPV cv+fLC6fWW+BZTAfBgNVHSMEGDAWgBRkVvVtHLK92Jx1wPSZHSfoBF17KTAJBgNVHRMEAjAAMAsG A1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOCAQEAm+8TpXiE4P8uYbADr6kTCVpEP888kIm19KnS B7TMFn5wWmNV767uWVG+kV+KsqS1WfM98PyaJ+EM8Qby8Ou9nvF3wfvfYf/CgwggdVb7MFSyFg5v clIcqfxYV9TpeyQKBNU8L/97DKFDJlBaIfaEQofVEGbDHtAVAvcB1hDA0W3qRIOMCqcQ58FLHt01 TWpf86zO5yE9uIyOHh4CWM07clauOQkB0emG7R5gAW3SZOK52nzjZXlZNNAOzC5y0DuruqTd03r2 CYAzmsn85EkrxnLvLWsWKAiGU4ISy7cnKJ4Gi1cgAyzLBdgPo08oPgfKhG1McrYT9DLZyH1DuZUa Ew== </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </saml2md:KeyDescriptor> <saml2md:Organization xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <saml2md:OrganizationName xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NIPPON TELEGRAPH AND TELEPHONE CORPORATION</saml2md:OrganizationName> <saml2md:OrganizationDisplayName xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NTT</saml2md:OrganizationDisplayName> <saml2md:OrganizationURL xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">http://www.ntt.co.jp</saml2md:OrganizationURL> </saml2md:Organization> <saml2md:ContactPerson contactType="other" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"> <saml2md:Company xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NTT</saml2md:Company> <saml2md:GivenName xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">Yuzo</saml2md:GivenName> <saml2md:SurName xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">Koga</saml2md:SurName> <saml2md:EmailAddress xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">koga.yuzo@lab.ntt.co.jp</saml2md:EmailAddress> <saml2md:EmailAddress xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">yzkoga@aol.com</saml2md:EmailAddress> <saml2md:TelephoneNumber xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">+81 422 59 3202</saml2md:TelephoneNumber> </saml2md:ContactPerson> <saml2md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://d-sp.liberty-iop.org:8443/sp2/services/soap" index="0" isDefault="1" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://d-sp.liberty-iop.org:8443/sp2/logout_post_saml20" ResponseLocation="https://d-sp.liberty-iop.org:8443/sp2/logoutres_post_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://d-sp.liberty-iop.org:8443/sp2/logout_redirect_saml20" ResponseLocation="https://d-sp.liberty-iop.org:8443/sp2/logoutres_redirect_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://d-sp.liberty-iop.org:8443/sp2/logout_artifact_saml20" ResponseLocation="https://d-sp.liberty-iop.org:8443/sp2/logoutres_artifact_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://d-sp.liberty-iop.org:8443/sp2/services/soap" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://d-sp.liberty-iop.org:8443/sp2/services/soap" ResponseLocation="https://d-sp.liberty-iop.org:8443/sp2/managenameidres_post_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://d-sp.liberty-iop.org:8443/sp2/services/soap" ResponseLocation="https://d-sp.liberty-iop.org:8443/sp2/managenameidres_redirect_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://d-sp.liberty-iop.org:8443/sp2/services/soap" ResponseLocation="https://d-sp.liberty-iop.org:8443/sp2/managenameidres_artifact_saml20" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://d-sp.liberty-iop.org:8443/sp2/asscon_redirect_saml20" index="2" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://d-sp.liberty-iop.org:8443/sp2/asscon_artifact_saml20" index="1" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> <saml2md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://d-sp.liberty-iop.org:8443/sp2/asscon_post_saml20" index="0" isDefault="1" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/> </saml2md:SPSSODescriptor> </saml2md:EntityDescriptor>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]