[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: RSA SAML Interop technical issues
All, Please find attached metadata files of NTT. I have changed them so that our implementations (IDP and SP) would use certificates that are provided during the dry-run event. Endpoint has not been changed since the dry-run event. Thanks and best regards, Yuzo Ciochon, Robert wrote: > Hi, > During the dry run we were able to assemble the metadata for all vendors > who are participating. If you have had to change your metadata since > the dry run, please send it out to the list so everyone can maintain a > current version for their providers. This will be one less step that > will need to be done at show setup. Note that some vendors were running > without SSL at the dry run. If you were one of them, SSL will be > required for the show and your metadata will need to change. > > A few items came up during the dry run that were accomodated, but in the > interest of a smoother show setup everyone wanted standardized. Please > respond if you disagree with the proposed requirements for the SAML Interop: > > * RelayState in an idP initiated SSO - This varied between vendors, > with some passing a valid URL, others sending an empty string, > others not sending it at all and still others using a special > string. The concensus of those on the conference call today was > to specify that the RelayState is optional, but if sent, it MUST > be a valid URL. > * XML signature KeyInfo element - Some vendors were failing if an > XML sig was sent without having the key embedded in the KeyInfo > element. The concensus on the call was to have it optional if > the KeyInfo is sent and not have it required by any vendor. > * Signing AuthnRequest - The Metadata standard provides for separate > settings for idP and SP on whether an AuthnRequest should be > signed, and they can conflict (the SP metadata specifying don't > sign it, the idP specifying it must be signed). The concensus on > the call was to leave it up to the SP to specify if the > AuthnRequest was signed, and the idP would not have a preference. > However, it appears from the spec this can't be set for the idP > (it requires either always or never signed), so instead, the > requirement is that all AuthnRequests will be signed. > > Please respond as soon as possible to the above issues, as a decision > will be put in writing on Friday. > Regards, > Bob > > Robert Ciochon > eTrust Development Manager > Computer Associates > San Diego, California > (858) 625-6866 > robert.ciochon@ca.com > -- Yuzo Koga <koga.yuzo@lab.ntt.co.jp> NTT Information Sharing Platform Labs. tel: +81 422 59 3202, fax: +81 422 59 5659, aim: yzkoga
<?xml version="1.0" encoding="UTF-8"?>
<saml2md:EntityDescriptor ID="NTTDEDCB121E2F76370655CB6D80F16408C" entityID="https://d-idp.liberty-iop.org:8443/idp/saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:Signature xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:SignedInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<ds:Reference URI="#NTTDEDCB121E2F76370655CB6D80F16408C" xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:Transforms xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<ds:DigestValue xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">G5316OeHhf2u0/vz0hz/410Y670=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
UZb6ApppTrAOdZ/hrueA6Wqjv8qQafDQOcaEFTnK/POLyqiiacpq8TzSJTpFyR8wVcRJYZtVFSSb
XaNYqyG8WLhErN30k4nDIVdWnB5MATOhPzhiRh12yN9echfGPfMHcrR/i79oV21vmW/9dk1WqRee
RFJsybeg3r9w4VRgk8c= </ds:SignatureValue>
</ds:Signature>
<saml2md:IDPSSODescriptor WantAuthnRequestsSigned="1" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<saml2md:KeyDescriptor use="signing" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:KeyInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:X509Data xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:X509Certificate xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
MIICqjCCAZKgAwIBAgIBDjANBgkqhkiG9w0BAQUFADAhMRIwEAYDVQQKEwlTQU1MIERlbW8xCzAJ
BgNVBAMTAkNBMB4XDTA1MDIwMjE5NDkwMFoXDTA2MDIwMjE5NDkwMFowODEWMBQGA1UEChMNTlRU
IFNpZ25hdHVyZTEeMBwGA1UEAxMVZC1pZHAubGliZXJ0eS1pb3Aub3JnMIGfMA0GCSqGSIb3DQEB
AQUAA4GNADCBiQKBgQCyRIsUsYtPPL8GLXiMhLy2ibtgVV4lbSq4Ud4n08rs0ICDv11GTaSos26+
Q4Ipc5ZWSV0mroq8XZQ9FuWK9dwk6EZY8kODyL/XEajvlKe4y9bhwos5Pte0/JkxBR1VyCdx1tI6
OxaUSCMLZYpzI58csWGb6DgpkjQHypDnJryKdQIDAQABo1owWDAdBgNVHQ4EFgQUgDhRpgMNJeqi
fl/bl12TJ9K3XcEwHwYDVR0jBBgwFoAUZFb1bRyyvdicdcD0mR0n6ARdeykwCQYDVR0TBAIwADAL
BgNVHQ8EBAMCB4AwDQYJKoZIhvcNAQEFBQADggEBAKd/7gFt11Ifw3mYAycMX31grPQbrdWv6EYM
2yxnIVFJwsDN0OnRtbNyUDawqPz0BJs0vA4aOVRlztWgCJb9XH6tP3U5QuEQJtx40iFi7t3Ym0tI
usgm7C9zxKxn4QOx8WWx404YqvWXiLSZWwi2E3SvCi2alWmip2SeRUFHdJHZZz8GZAr6mTjvBQ7Y
twaiQzpZ4mTnJCXr0GNaMTUEvkKr2PKp7uWpQgXCKOJ6I+ZceSHsjoDJzyrMEpaMeKy9e6GKXQGx
wu4/T5T9y5YQlJn9IS94sUubjeROu7qQ0ZFmpDiVrKgE3NtDF8KTFQeqE1qZYt4ZVREr7X7enhA0
CPs= </ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml2md:KeyDescriptor>
<saml2md:KeyDescriptor use="encryption" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:KeyInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:X509Data xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:X509Certificate xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
MIICDDCCAXWgAwIBAgIBYTANBgkqhkiG9w0BAQQFADA1MQswCQYDVQQGEwJVUzEUMBIGA1UEChML
TGliZXJ0eSBJT1AxEDAOBgNVBAMTB1Rlc3QgQ0EwHhcNMDQxMTI5MTQ0MjM1WhcNMDUxMTI5MTQ0
MjM1WjBHMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPTGliZXJ0eSBJT1AtZW5jMR4wHAYDVQQDExVk
LWlkcC5saWJlcnR5LWlvcC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ9uqfhS7VA0
kZJpn3f/aTdfrF0fBX38C95S+4RjxsJ34AebqriySMEaR4JUO3ohHqSmk9J4+Tfb54gqvF/t+1L8
IvVVisZccz43mZ288xjj9a03TDCvz0Cgq+V8/92bBI4MshSv1ARcyLkH/wv6DySIKcD+maKyo6zn
f0cJX/QHAgMBAAGjGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgUgMA0GCSqGSIb3DQEBBAUAA4GB
AG7ymkHMlWdVmrbVcqkzDEiM7Ehszfv9FlbQvid4DKMTJ7qGLh2LDaf83a8hjDCRUYumn/ghCZwd
gNuzGJAhoa30VXCc4nTM6BWLfZae2rdZEO6wGTg93eIS4DcO+hjxfBLlMSijoc76X4pc+tiDRriZ
T/pPiu2/vOk/Qh3yReiM </ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml2md:KeyDescriptor>
<saml2md:Organization xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<saml2md:OrganizationName xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NIPPON
TELEGRAPH AND TELEPHONE CORPORATION</saml2md:OrganizationName>
<saml2md:OrganizationDisplayName xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NTT</saml2md:OrganizationDisplayName>
<saml2md:OrganizationURL xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">http://www.ntt.co.jp</saml2md:OrganizationURL>
</saml2md:Organization>
<saml2md:ContactPerson contactType="other" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<saml2md:Company xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NTT</saml2md:Company>
<saml2md:GivenName xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">Yuzo</saml2md:GivenName>
<saml2md:SurName xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">Koga</saml2md:SurName>
<saml2md:EmailAddress xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">koga.yuzo@lab.ntt.co.jp</saml2md:EmailAddress>
<saml2md:EmailAddress xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">yzkoga@aol.com</saml2md:EmailAddress>
<saml2md:TelephoneNumber xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">+81
422 59 3202</saml2md:TelephoneNumber>
</saml2md:ContactPerson>
<saml2md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://d-idp.liberty-iop.org:8443/idp/services/soap"; index="0" isDefault="1" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://d-idp.liberty-iop.org:8443/idp/logoutreq_redirect_saml20"; ResponseLocation="https://d-idp.liberty-iop.org:8443/idp/logoutres_redirect_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://d-idp.liberty-iop.org:8443/idp/logoutreq_artifact_saml20"; ResponseLocation="https://d-idp.liberty-iop.org:8443/idp/logoutres_artifact_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://d-idp.liberty-iop.org:8443/idp/logoutreq_post_saml20"; ResponseLocation="https://d-idp.liberty-iop.org:8443/idp/logoutres_post_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://d-idp.liberty-iop.org:8443/idp/services/soap"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://d-idp.liberty-iop.org:8443/idp/managereq_redirect_saml20"; ResponseLocation="https://d-idp.liberty-iop.org:8443/idp/manageres_redirect_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://d-idp.liberty-iop.org:8443/idp/managereq_artifact_saml20"; ResponseLocation="https://d-idp.liberty-iop.org:8443/idp/manageres_artifact_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://d-idp.liberty-iop.org:8443/idp/managereq_post_saml20"; ResponseLocation="https://d-idp.liberty-iop.org:8443/idp/manageres_post_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://d-idp.liberty-iop.org:8443/idp/services/soap"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://d-idp.liberty-iop.org:8443/idp/authn_redirect_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://d-idp.liberty-iop.org:8443/idp/authn_artifact_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://d-idp.liberty-iop.org:8443/idp/authn_post_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
</saml2md:IDPSSODescriptor>
<saml2md:AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<saml2md:KeyDescriptor use="signing" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:KeyInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:X509Data xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:X509Certificate xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
MIICqjCCAZKgAwIBAgIBDjANBgkqhkiG9w0BAQUFADAhMRIwEAYDVQQKEwlTQU1MIERlbW8xCzAJ
BgNVBAMTAkNBMB4XDTA1MDIwMjE5NDkwMFoXDTA2MDIwMjE5NDkwMFowODEWMBQGA1UEChMNTlRU
IFNpZ25hdHVyZTEeMBwGA1UEAxMVZC1pZHAubGliZXJ0eS1pb3Aub3JnMIGfMA0GCSqGSIb3DQEB
AQUAA4GNADCBiQKBgQCyRIsUsYtPPL8GLXiMhLy2ibtgVV4lbSq4Ud4n08rs0ICDv11GTaSos26+
Q4Ipc5ZWSV0mroq8XZQ9FuWK9dwk6EZY8kODyL/XEajvlKe4y9bhwos5Pte0/JkxBR1VyCdx1tI6
OxaUSCMLZYpzI58csWGb6DgpkjQHypDnJryKdQIDAQABo1owWDAdBgNVHQ4EFgQUgDhRpgMNJeqi
fl/bl12TJ9K3XcEwHwYDVR0jBBgwFoAUZFb1bRyyvdicdcD0mR0n6ARdeykwCQYDVR0TBAIwADAL
BgNVHQ8EBAMCB4AwDQYJKoZIhvcNAQEFBQADggEBAKd/7gFt11Ifw3mYAycMX31grPQbrdWv6EYM
2yxnIVFJwsDN0OnRtbNyUDawqPz0BJs0vA4aOVRlztWgCJb9XH6tP3U5QuEQJtx40iFi7t3Ym0tI
usgm7C9zxKxn4QOx8WWx404YqvWXiLSZWwi2E3SvCi2alWmip2SeRUFHdJHZZz8GZAr6mTjvBQ7Y
twaiQzpZ4mTnJCXr0GNaMTUEvkKr2PKp7uWpQgXCKOJ6I+ZceSHsjoDJzyrMEpaMeKy9e6GKXQGx
wu4/T5T9y5YQlJn9IS94sUubjeROu7qQ0ZFmpDiVrKgE3NtDF8KTFQeqE1qZYt4ZVREr7X7enhA0
CPs= </ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml2md:KeyDescriptor>
<saml2md:KeyDescriptor use="encryption" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:KeyInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:X509Data xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:X509Certificate xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
MIICDDCCAXWgAwIBAgIBYTANBgkqhkiG9w0BAQQFADA1MQswCQYDVQQGEwJVUzEUMBIGA1UEChML
TGliZXJ0eSBJT1AxEDAOBgNVBAMTB1Rlc3QgQ0EwHhcNMDQxMTI5MTQ0MjM1WhcNMDUxMTI5MTQ0
MjM1WjBHMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPTGliZXJ0eSBJT1AtZW5jMR4wHAYDVQQDExVk
LWlkcC5saWJlcnR5LWlvcC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ9uqfhS7VA0
kZJpn3f/aTdfrF0fBX38C95S+4RjxsJ34AebqriySMEaR4JUO3ohHqSmk9J4+Tfb54gqvF/t+1L8
IvVVisZccz43mZ288xjj9a03TDCvz0Cgq+V8/92bBI4MshSv1ARcyLkH/wv6DySIKcD+maKyo6zn
f0cJX/QHAgMBAAGjGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgUgMA0GCSqGSIb3DQEBBAUAA4GB
AG7ymkHMlWdVmrbVcqkzDEiM7Ehszfv9FlbQvid4DKMTJ7qGLh2LDaf83a8hjDCRUYumn/ghCZwd
gNuzGJAhoa30VXCc4nTM6BWLfZae2rdZEO6wGTg93eIS4DcO+hjxfBLlMSijoc76X4pc+tiDRriZ
T/pPiu2/vOk/Qh3yReiM </ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml2md:KeyDescriptor>
<saml2md:Organization xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<saml2md:OrganizationName xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NIPPON
TELEGRAPH AND TELEPHONE CORPORATION</saml2md:OrganizationName>
<saml2md:OrganizationDisplayName xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NTT</saml2md:OrganizationDisplayName>
<saml2md:OrganizationURL xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">http://www.ntt.co.jp</saml2md:OrganizationURL>
</saml2md:Organization>
<saml2md:ContactPerson contactType="other" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<saml2md:Company xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NTT</saml2md:Company>
<saml2md:GivenName xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">Yuzo</saml2md:GivenName>
<saml2md:SurName xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">Koga</saml2md:SurName>
<saml2md:EmailAddress xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">koga.yuzo@lab.ntt.co.jp</saml2md:EmailAddress>
<saml2md:EmailAddress xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">yzkoga@aol.com</saml2md:EmailAddress>
<saml2md:TelephoneNumber xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">+81
422 59 3202</saml2md:TelephoneNumber>
</saml2md:ContactPerson>
<saml2md:AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://d-idp.liberty-iop.org:8443/idp/services/soap"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
</saml2md:AttributeAuthorityDescriptor>
</saml2md:EntityDescriptor>
<?xml version="1.0" encoding="UTF-8"?>
<saml2md:EntityDescriptor ID="NTT970945AC8C8A6094FCEB9A952141F74B" entityID="https://d-sp.liberty-iop.org:8443/sp2/saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:Signature xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:SignedInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<ds:Reference URI="#NTT970945AC8C8A6094FCEB9A952141F74B" xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:Transforms xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<ds:DigestValue xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">V+gyNDgdlpkSPQf0hXZV71poOV8=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
HbI5cYxzHKDH0BAl5gsdQNaFSAuYvfoQ6W3cVp4raQZzgUsy7uOzpc5iF2yCj3so95FDW0yHoW0E
hmcOtWMw3VuaMIKM7AVQhKW+xgIl/W3rdL9GSMvKuvANAaMn5aWUdoxQjvjGyi6NWxkn0srmxklN
KzNPVB6qvw+Fs15+Lp0= </ds:SignatureValue>
</ds:Signature>
<saml2md:SPSSODescriptor AuthnRequestsSigned="1" WantAssertionsSigned="1" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:2.0:protocol" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<saml2md:KeyDescriptor use="signing" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:KeyInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:X509Data xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:X509Certificate xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
MIICqTCCAZGgAwIBAgIBEDANBgkqhkiG9w0BAQUFADAhMRIwEAYDVQQKEwlTQU1MIERlbW8xCzAJ
BgNVBAMTAkNBMB4XDTA1MDIwMjE5NDkwMVoXDTA2MDIwMjE5NDkwMVowNzEWMBQGA1UEChMNTlRU
IFNpZ25hdHVyZTEdMBsGA1UEAxMUZC1zcC5saWJlcnR5LWlvcC5vcmcwgZ8wDQYJKoZIhvcNAQEB
BQADgY0AMIGJAoGBAMNKkPjrbVfgx1jyFD6Iisz4GrVwkSksODL8oaIw/BgqeWC5hfHWpNAYhQkI
ZtXQHtHFK+yCNqQ4cPQlPEyvvUofqm6Ntipdjdaawwde1U+PdC2M4YpUiDS2JWpA8qH5XCElhcDZ
80GeCFuf7m/Xaohz0TiYlm/y+XZlpdAEz35VAgMBAAGjWjBYMB0GA1UdDgQWBBQqIcUykinWjbPV
cv+fLC6fWW+BZTAfBgNVHSMEGDAWgBRkVvVtHLK92Jx1wPSZHSfoBF17KTAJBgNVHRMEAjAAMAsG
A1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOCAQEAm+8TpXiE4P8uYbADr6kTCVpEP888kIm19KnS
B7TMFn5wWmNV767uWVG+kV+KsqS1WfM98PyaJ+EM8Qby8Ou9nvF3wfvfYf/CgwggdVb7MFSyFg5v
clIcqfxYV9TpeyQKBNU8L/97DKFDJlBaIfaEQofVEGbDHtAVAvcB1hDA0W3qRIOMCqcQ58FLHt01
TWpf86zO5yE9uIyOHh4CWM07clauOQkB0emG7R5gAW3SZOK52nzjZXlZNNAOzC5y0DuruqTd03r2
CYAzmsn85EkrxnLvLWsWKAiGU4ISy7cnKJ4Gi1cgAyzLBdgPo08oPgfKhG1McrYT9DLZyH1DuZUa
Ew== </ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml2md:KeyDescriptor>
<saml2md:KeyDescriptor use="encryption" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:KeyInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:X509Data xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<ds:X509Certificate xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
MIICqTCCAZGgAwIBAgIBEDANBgkqhkiG9w0BAQUFADAhMRIwEAYDVQQKEwlTQU1MIERlbW8xCzAJ
BgNVBAMTAkNBMB4XDTA1MDIwMjE5NDkwMVoXDTA2MDIwMjE5NDkwMVowNzEWMBQGA1UEChMNTlRU
IFNpZ25hdHVyZTEdMBsGA1UEAxMUZC1zcC5saWJlcnR5LWlvcC5vcmcwgZ8wDQYJKoZIhvcNAQEB
BQADgY0AMIGJAoGBAMNKkPjrbVfgx1jyFD6Iisz4GrVwkSksODL8oaIw/BgqeWC5hfHWpNAYhQkI
ZtXQHtHFK+yCNqQ4cPQlPEyvvUofqm6Ntipdjdaawwde1U+PdC2M4YpUiDS2JWpA8qH5XCElhcDZ
80GeCFuf7m/Xaohz0TiYlm/y+XZlpdAEz35VAgMBAAGjWjBYMB0GA1UdDgQWBBQqIcUykinWjbPV
cv+fLC6fWW+BZTAfBgNVHSMEGDAWgBRkVvVtHLK92Jx1wPSZHSfoBF17KTAJBgNVHRMEAjAAMAsG
A1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOCAQEAm+8TpXiE4P8uYbADr6kTCVpEP888kIm19KnS
B7TMFn5wWmNV767uWVG+kV+KsqS1WfM98PyaJ+EM8Qby8Ou9nvF3wfvfYf/CgwggdVb7MFSyFg5v
clIcqfxYV9TpeyQKBNU8L/97DKFDJlBaIfaEQofVEGbDHtAVAvcB1hDA0W3qRIOMCqcQ58FLHt01
TWpf86zO5yE9uIyOHh4CWM07clauOQkB0emG7R5gAW3SZOK52nzjZXlZNNAOzC5y0DuruqTd03r2
CYAzmsn85EkrxnLvLWsWKAiGU4ISy7cnKJ4Gi1cgAyzLBdgPo08oPgfKhG1McrYT9DLZyH1DuZUa
Ew== </ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml2md:KeyDescriptor>
<saml2md:Organization xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<saml2md:OrganizationName xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NIPPON
TELEGRAPH AND TELEPHONE CORPORATION</saml2md:OrganizationName>
<saml2md:OrganizationDisplayName xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NTT</saml2md:OrganizationDisplayName>
<saml2md:OrganizationURL xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">http://www.ntt.co.jp</saml2md:OrganizationURL>
</saml2md:Organization>
<saml2md:ContactPerson contactType="other" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">
<saml2md:Company xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">NTT</saml2md:Company>
<saml2md:GivenName xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">Yuzo</saml2md:GivenName>
<saml2md:SurName xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">Koga</saml2md:SurName>
<saml2md:EmailAddress xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">koga.yuzo@lab.ntt.co.jp</saml2md:EmailAddress>
<saml2md:EmailAddress xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">yzkoga@aol.com</saml2md:EmailAddress>
<saml2md:TelephoneNumber xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata">+81
422 59 3202</saml2md:TelephoneNumber>
</saml2md:ContactPerson>
<saml2md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://d-sp.liberty-iop.org:8443/sp2/services/soap"; index="0" isDefault="1" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://d-sp.liberty-iop.org:8443/sp2/logout_post_saml20"; ResponseLocation="https://d-sp.liberty-iop.org:8443/sp2/logoutres_post_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://d-sp.liberty-iop.org:8443/sp2/logout_redirect_saml20"; ResponseLocation="https://d-sp.liberty-iop.org:8443/sp2/logoutres_redirect_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://d-sp.liberty-iop.org:8443/sp2/logout_artifact_saml20"; ResponseLocation="https://d-sp.liberty-iop.org:8443/sp2/logoutres_artifact_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://d-sp.liberty-iop.org:8443/sp2/services/soap"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://d-sp.liberty-iop.org:8443/sp2/services/soap"; ResponseLocation="https://d-sp.liberty-iop.org:8443/sp2/managenameidres_post_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://d-sp.liberty-iop.org:8443/sp2/services/soap"; ResponseLocation="https://d-sp.liberty-iop.org:8443/sp2/managenameidres_redirect_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://d-sp.liberty-iop.org:8443/sp2/services/soap"; ResponseLocation="https://d-sp.liberty-iop.org:8443/sp2/managenameidres_artifact_saml20"; xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://d-sp.liberty-iop.org:8443/sp2/asscon_redirect_saml20"; index="2" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://d-sp.liberty-iop.org:8443/sp2/asscon_artifact_saml20"; index="1" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
<saml2md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://d-sp.liberty-iop.org:8443/sp2/asscon_post_saml20"; index="0" isDefault="1" xmlns="" xmlns:saml2md="urn:oasis:names:tc:SAML:2.0:metadata"/>
</saml2md:SPSSODescriptor>
</saml2md:EntityDescriptor>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]