From c53a7a23f39b91f5760f731be139f9bb3b439eb7 Mon Sep 17 00:00:00 2001
From: "andrew.costa" <andrew.costa@nebraska.edu>
Date: Thu, 13 Apr 2023 17:14:36 -0500
Subject: [PATCH] Draft: Resolve "Onboard Metadata for Orbis"
---
nefed.xml | 151 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 151 insertions(+)
diff --git a/nefed.xml b/nefed.xml
index 8a66a0a..b6414cc 100644
--- a/nefed.xml
+++ b/nefed.xml
@@ -28283,4 +28283,155 @@ Gk3Mp05d1eUmuSx+la30QAXkFgNXDP3Cp3JSKyG5A6EWjhXTyuNZcI/ffo6tjNWg
<EmailAddress>security@nebraska.edu</EmailAddress>
</ContactPerson>
</EntityDescriptor>
+ <EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
+ ID="_8b93fcbe1f0138686df57eb6c584244a22d0d753" entityID="https://unl.orbissites.com">
+ <Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" />
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" />
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224" />
+ <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" />
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384" />
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" />
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224" />
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" />
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" />
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
+ <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256" />
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1" />
+ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
+ <mdrpi:RegistrationInfo registrationAuthority="https://nebraska.edu/nefed" />
+ <mdattr:EntityAttributes>
+ <saml:Attribute Name="http://macedir.org/entity-category"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml:AttributeValue>https://nebraska.edu/category/registered-by-nefed</saml:AttributeValue>
+ </saml:Attribute>
+ </mdattr:EntityAttributes>
+ <mdui:UIInfo>
+ <mdui:DisplayName xml:lang="en">Orbis</mdui:DisplayName>
+ <mdui:Description xml:lang="en">Orbis</mdui:Description>
+ <mdui:InformationURL xml:lang="en">https://orbiscommunications.com/about/</mdui:InformationURL>
+ <mdui:PrivacyStatementURL xml:lang="en">https://orbiscommunications.com/privacy-policy/</mdui:PrivacyStatementURL>
+ </mdui:UIInfo>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init"
+ Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init"
+ Location="https://unl.orbissites.com/Shibboleth.sso/Login" />
+ </Extensions>
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>orbisonevm</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=orbisonevm</ds:X509SubjectName>
+ <ds:X509Certificate>MIID8DCCAligAwIBAgIUZOnpp3Gbx7Fgdsmlc8oxXMfUmS4wDQYJKoZIhvcNAQEL
+ BQAwFTETMBEGA1UEAxMKb3JiaXNvbmV2bTAeFw0xOTExMjExNjU2MDRaFw0yOTEx
+ MTgxNjU2MDRaMBUxEzARBgNVBAMTCm9yYmlzb25ldm0wggGiMA0GCSqGSIb3DQEB
+ AQUAA4IBjwAwggGKAoIBgQC6PaEZnlzOnTddHqKdXcLyU2hEfrB/6qbtNKyEDqED
+ 2MTU01zuxt7psjz3OHzPLD/QiLbgmu3x10TU9roJNg5C8gj3TxqbrG6NK7HVgWWJ
+ 1TMwu69hL0q+qFBjkvBbvHEiGbWbLvz1wc+y+2VjaEqab7WBgh7whWOmkwlvSnKF
+ //1TUWV7wC53K63sjjS8A3jfVVYuPVSA9FQGnsaULmJ75EtJsiA9uQ+bPpsX2Rx4
+ OgCSlSBOWf/cjBAU7XICo1H7an0qWi9Z6Te7aDcRannalHzvEZLc636h6j4hh3vc
+ k9pCBU+baJ6aEjtA7fOClay34aONxMER+I7mhZctcycQkwASp0Ku0NmqASFrwjka
+ tmrK8N8PUzWvA3O2r45TSpCZu9bQzJ5hWzbH3++a5/Hujx5ovurq8rf77tFeeg93
+ azRIcg+c8lPz21orLvXJlrpoegQGIGSn+CS6ynDzOJD7VATBlnKj/Qt4D1pksDLQ
+ r288ddpJCMBeAibCg5BD+vECAwEAAaM4MDYwFQYDVR0RBA4wDIIKb3JiaXNvbmV2
+ bTAdBgNVHQ4EFgQURnU8vdwKclFEM3sELg4BEoF3qTowDQYJKoZIhvcNAQELBQAD
+ ggGBABG9pwpd2aiRdES/dAJQgbzXOq11YZrNth4u6xeyghGqt4M+IYHjhYKVMW7j
+ JEkqC5WXle2UdkUFtqiCRGY9KgAJL8OP2TBibsl86MjvjQiPUjr8Nmne/6GYKdd1
+ g7v9v3UocWozFQoKteMLNffPLcPeXrS/mFishvBLwnNwouCfH57oJ5OzHKe+PnQ1
+ DI+jgC2uTNaUZRiNrK7zeLKJ30QZ6RE1axmHD7nX3f5rL0oJ06dkH1mxVFoCH8px
+ l9xtL8d5bqJzUhPgohM+juAH+xciKHHs5BZV8dx8LhT4AuQiqr0FUrqZ9va/o5eK
+ sLECLcfP2iJFP5O/3KvBHz7xU8cB3T4VmbhnpIqJztDmJunLmt8EGFr/WFX+LSRW
+ 8GBAuPa1NNrQf0bqpCASe4e59po5YLPtsarTuv7/ik8o1MeBBx1Ab3yTETWNJMpt
+ e2EE2vrCcjQWDuPLHHdBW0C97akEmej0naXvN1KfVkrEolbiiCRCPBkxKW53vB7y
+ 7dyX0Q==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="encryption">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>orbisonevm</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=orbisonevm</ds:X509SubjectName>
+ <ds:X509Certificate>MIID8DCCAligAwIBAgIUKvFTj2nQrMNmrA4D5MOFyDDFegAwDQYJKoZIhvcNAQEL
+ BQAwFTETMBEGA1UEAxMKb3JiaXNvbmV2bTAeFw0xOTExMjExNjU2MDBaFw0yOTEx
+ MTgxNjU2MDBaMBUxEzARBgNVBAMTCm9yYmlzb25ldm0wggGiMA0GCSqGSIb3DQEB
+ AQUAA4IBjwAwggGKAoIBgQDBEBmbNOpmFOmm3Y9cLfzi4IsMZeBRQULJz2q4YwcM
+ X9O09R1ZJk/IkbfPBWnBjWbwNoAOdfxm6dha+XAGJVpJJ6oZzIjDHWIdR2mRZyyM
+ 0qWWLE9nrWm4QBeK/nJKbUqge1d2OUDehwk1oOse0QDDOoXMRe9WnjEFkMJhZY6g
+ oYG5vS3AX5P6OX7UxOXKEyHZONlBALpG6keOOOstm9ogcDhICLIT67+VtoOX5QnA
+ 9Se5M7Lhplrp3I6QFSOpmzpn2UwrujN9ezaQZLOItGh3SF+G99UvSXBr9/qDatoK
+ tDDShep1cT6KNtjBThBK0agEXhWUlqcbosZvIdVAOGID5NoVEOn/SpGXHnQLb7g0
+ xa10BvcdfsfzbXtBBUQ4HRJzKrc+7c4K8Sg+OKKGRKqcAHSg71CsnoIlHAd4llx9
+ 5RuKj5dLNs0mFOp4g6TCSlC8MA38GDtlxBwXxewSwFmJdc9kVXfqQ7kkEec1M/CK
+ QkKmh4cELKC9uxpkXQRQHVMCAwEAAaM4MDYwFQYDVR0RBA4wDIIKb3JiaXNvbmV2
+ bTAdBgNVHQ4EFgQUMLakf2n8RqSva6kOVJ471z8/gy8wDQYJKoZIhvcNAQELBQAD
+ ggGBAKbk+dNF/H/Kr8pR054LE2Rd1ND4mWEhCEfq1PVdMp50KR4cK0ATq1hiZReH
+ 9jJWwsxkOGLqHFh4VSUUoe+vHpx9ZoT+8+rAufNZtsea/pUtn0s6O+SFRDDDxuj4
+ bD5yHF97V7NwcsY9JpF0CaeLPU1X5j1woC3Mf7fP5IGOza0QHmmnRj+GmXK+kMes
+ DwA1CaZQBNWYmeHfFyWGl1ay++WoHwwYgGp04Lhpx1pxio31XE5lOyEUibpxBat6
+ M+zoe101HM1I6cCSu6X/MkIM9HtIOGz2I0Zo5OV0O4d5vXEvN196LD+fWkGM9wKt
+ 2rxVIOI9XsXhO0sOgNJyrw7rhif9xWi1av9Fi7tKT77puO2cNPQb+AarMdxiOXHm
+ 9DkGDjkB920x06T0HAEg+WaGxXGu92PzJwJz7ykeNHIyJenW2XNTxeUDp4UMI179
+ 9snhb94xu1/siBVGxxuGsaB2v3OZjBZ12umb7kLy86Fp9EkM5+Tcj75g6mi52Adp
+ qzdzNQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm" />
+ <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm" />
+ <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm" />
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" />
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
+ <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep" />
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" />
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://unl.orbissites.com/Shibboleth.sso/Artifact/SOAP" index="1" />
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://unl.orbissites.com/Shibboleth.sso/SLO/SOAP" />
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://unl.orbissites.com/Shibboleth.sso/SLO/Redirect" />
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://unl.orbissites.com/Shibboleth.sso/SLO/POST" />
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+ Location="https://unl.orbissites.com/Shibboleth.sso/SLO/Artifact" />
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://unl.orbissites.com/Shibboleth.sso/SAML2/POST" index="1" />
+ <AssertionConsumerService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
+ Location="https://unl.orbissites.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2" />
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+ Location="https://unl.orbissites.com/Shibboleth.sso/SAML2/Artifact" index="3" />
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
+ Location="https://unl.orbissites.com/Shibboleth.sso/SAML2/ECP" index="4" />
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Orbis Communications</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Orbis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">https://orbiscommunications.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Andrew Christenson</GivenName>
+ <EmailAddress>achristenson3@unl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Brad Thomson</GivenName>
+ <EmailAddress>bthomson@orbiscommunications.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Brad Thomson</GivenName>
+ <EmailAddress>bthomson@orbiscommunications.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="other"
+ remd:contactType="http://refeds.org/metadata/contactType/security">
+ <GivenName>ITS Security</GivenName>
+ <EmailAddress>security@nebraska.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
</EntitiesDescriptor>
\ No newline at end of file
--
GitLab