authorThomas Lenz <tlenz@iaik.tugraz.at>2019-06-12 13:47:10 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2019-06-12 13:47:10 +0200
commitb232b84093993571da6efa97c25e1724370d6a6d (patch)
tree6a9aa50957d867413659b2f079f7fa84f3add1d9 /id/server/data/deploy/conf/moa-id/eIDAS
parentd7b6e57eeb37ef02ceadfe51ca730bccbed939c6 (diff)
update handbook
Diffstat (limited to 'id/server/data/deploy/conf/moa-id/eIDAS')
-rw-r--r--id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml40
-rw-r--r--id/server/data/deploy/conf/moa-id/eIDAS/SamlEngine_basics.xml98
-rw-r--r--id/server/data/deploy/conf/moa-id/eIDAS/SignModule.xml48
-rw-r--r--id/server/data/deploy/conf/moa-id/eIDAS/encryptionConf.xml14
4 files changed, 0 insertions, 200 deletions
diff --git a/id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml b/id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml
deleted file mode 100644
index 46052053a..000000000
--- a/id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml
+++ /dev/null
@@ -1,40 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
-
-<properties>
- <comment>SWModule encrypt with JKS.</comment>
-
- <entry key="check_certificate_validity_period">false</entry>
- <entry key="disallow_self_signed_certificate">false</entry>
- <entry key="response.encryption.mandatory">false</entry>
-
- <!-- Data Encryption algorithm -->
- <entry key="data.encryption.algorithm">http://www.w3.org/2009/xmlenc11#aes256-gcm</entry>
-
- <!-- Decryption algorithm Whitelist-->
- <entry key="encryption.algorithm.whitelist">
- http://www.w3.org/2009/xmlenc11#aes128-gcm;
- http://www.w3.org/2009/xmlenc11#aes256-gcm;
- http://www.w3.org/2009/xmlenc11#aes192-gcm
- </entry>
-
- <!-- Key Encryption algorithm -->
- <entry key="key.encryption.algorithm">http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</entry>
-
- <entry key="keyStorePath">keys/eidasKeyStore.jks</entry>
- <entry key="keyStoreType">JKS</entry>
- <entry key="keyStorePassword">local-demo</entry>
- <entry key="keyPassword">local-demo</entry>
-
- <!-- Management of the encryption activation -->
- <entry key="encryptionActivation">eIDAS/encryptionConf.xml</entry>
-
- <entry key="responseToPointIssuer.BE">CN=local-demo-cert, OU=DIGIT, O=European Comission, L=Brussels, ST=Belgium,C=BE</entry>
- <entry key="responseToPointSerialNumber.BE">54C8F779</entry>
-
- <!-- If not present then no decryption will be applied on response -->
- <entry key="responseDecryptionIssuer">CN=local-demo-cert, OU=DIGIT, O=European Comission, L=Brussels, ST=Belgium, C=BE</entry>
- <entry key="serialNumber">54C8F779</entry>
-
-
-</properties>
\ No newline at end of file
diff --git a/id/server/data/deploy/conf/moa-id/eIDAS/SamlEngine_basics.xml b/id/server/data/deploy/conf/moa-id/eIDAS/SamlEngine_basics.xml
deleted file mode 100644
index 2327fb0d8..000000000
--- a/id/server/data/deploy/conf/moa-id/eIDAS/SamlEngine_basics.xml
+++ /dev/null
@@ -1,98 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
-
-<properties>
- <comment>SAML constants for AuthnRequests and Responses.</comment>
-
- <!--
- Types of consent obtained from the user for this authentication and
- data transfer.
- Allow values: 'unspecified'.
- -->
- <entry key="consentAuthnRequest">unspecified</entry>
- <!--
- Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit', 'unspecified'.
- -->
- <entry key="consentAuthnResponse">obtained</entry>
-
- <!--URI representing the classification of the identifier
- Allow values: 'entity'.
- -->
- <entry key="formatEntity">entity</entry>
-
- <!--Only HTTP-POST binding is only supported for inter PEPS-->
- <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
- <entry key="protocolBinding">HTTP-POST</entry>
-
- <entry key="eIDSectorShare">false</entry>
- <entry key="eIDCrossSectorShare">false</entry>
- <entry key="eIDCrossBorderShare">false</entry>
-
- <!-- Attributes with require option -->
- <entry key="isRequired">true</entry>
-
- <!-- A friendly name for the attribute that can be displayed to a user -->
- <entry key="friendlyName">false</entry>
-
- <!--PEPS in the Service Provider's country-->
- <entry key="requester">http://S-PEPS.gov.xx</entry>
-
- <!--PEPS in the citizen's origin country-->
- <entry key="responder">http://C-PEPS.gov.xx</entry>
-
- <!--Subject cannot be confirmed on or after this seconds time (positive number)-->
- <entry key="timeNotOnOrAfter">300</entry>
-
- <!--Validation IP of the response-->
- <entry key="ipAddrValidation">false</entry>
-
- <!--One time use-->
- <entry key="oneTimeUse">true</entry>
-
- <!--Subject Attribute Definitions-->
- <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
- <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
- <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
- <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
- <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
- <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
- <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
- <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
- <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
- <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
- <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
- <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
- <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
- <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
- <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
- <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
- <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
- <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
- <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
- <entry key="citizenQAALevel">http://www.stork.gov.eu/1.0/citizenQAALevel</entry>
- <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
- <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry>
-
-
- <!--Subject Attribute Definitions eidas format, natural person -->
- <entry key="eidas/attributes/CurrentFamilyName">http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName</entry>
- <entry key="eidas/attributes/CurrentGivenName">http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName</entry>
- <entry key="eidas/attributes/DateOfBirth">http://eidas.europa.eu/attributes/naturalperson/DateOfBirth</entry>
- <entry key="eidas/attributes/PersonIdentifier">http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</entry>
- <entry key="eidas/attributes/BirthName">http://eidas.europa.eu/attributes/naturalperson/BirthName</entry>
- <entry key="eidas/attributes/PlaceOfBirth">http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</entry>
- <entry key="eidas/attributes/CurrentAddress">http://eidas.europa.eu/attributes/naturalperson/CurrentAddress</entry>
- <entry key="eidas/attributes/Gender">http://eidas.europa.eu/attributes/naturalperson/Gender</entry>
- <!--Subject Attribute Definitions eidas format, legal person -->
- <entry key="eidas/attributes/LegalPersonIdentifier">http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier</entry>
- <entry key="eidas/attributes/LegalAddress">http://eidas.europa.eu/attributes/legalperson/LegalAddress</entry>
- <entry key="eidas/attributes/LegalName">http://eidas.europa.eu/attributes/legalperson/LegalName</entry>
- <entry key="eidas/attributes/VATRegistration">http://eidas.europa.eu/attributes/legalperson/VATRegistration</entry>
- <entry key="eidas/attributes/TaxReference">http://eidas.europa.eu/attributes/legalperson/TaxReference</entry>
- <entry key="eidas/attributes/D-2012-17-EUIdentifier">http://eidas.europa.eu/attributes/legalperson/D-2012-17-EUIdentifier</entry>
- <entry key="eidas/attributes/LEI">http://eidas.europa.eu/attributes/legalperson/LEI</entry>
- <entry key="eidas/attributes/EORI">http://eidas.europa.eu/attributes/legalperson/EORI</entry>
- <entry key="eidas/attributes/SEED">http://eidas.europa.eu/attributes/legalperson/SEED</entry>
- <entry key="eidas/attributes/SIC">http://eidas.europa.eu/attributes/legalperson/SIC</entry>
-
-</properties>
\ No newline at end of file
diff --git a/id/server/data/deploy/conf/moa-id/eIDAS/SignModule.xml b/id/server/data/deploy/conf/moa-id/eIDAS/SignModule.xml
deleted file mode 100644
index bf7215cb5..000000000
--- a/id/server/data/deploy/conf/moa-id/eIDAS/SignModule.xml
+++ /dev/null
@@ -1,48 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
-
-<properties>
- <comment>SWModule sign with JKS.</comment>
- <entry key="check_certificate_validity_period">false</entry>
- <entry key="disallow_self_signed_certificate">false</entry>
-
- <!-- signing Algorithm SHA_512(default),SHA_384,SHA_256 -->
- <!-- http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 -->
- <!-- http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 -->
- <!-- http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 -->
- <entry key="signature.algorithm">http://www.w3.org/2001/04/xmldsig-more#rsa-sha512</entry>
-
- <!-- List of incoming Signature algorithms white list separated by ; (default all) -->
- <entry key="signature.algorithm.whitelist">
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha256;
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha384;
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha512;
- http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160;
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256;
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384;
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512;
- http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1;
- http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-mgf1
- </entry>
-
- <!-- signing response assertion true/false (default false) -->
- <entry key="response.sign.assertions">true</entry>
-
- <!--AuthnRequest / Assertion signing keyStore-->
- <entry key="keyStorePath">keys/eidasKeyStore_Service_CB.jks</entry>
- <entry key="keyStoreType">JKS</entry>
- <entry key="keyStorePassword">local-demo</entry>
- <entry key="keyPassword">local-demo</entry>
- <entry key="issuer">CN=cpeps-cb-demo-certificate, OU=STORK, O=CPEPS, L=EU, ST=EU, C=CB</entry>
- <entry key="serialNumber">54C8F839</entry>
-
-
- <!--Metadata signing keystore-->
- <entry key="metadata.keyStorePath">keys/eidasKeyStore_METADATA.jks</entry>
- <entry key="metadata.keyStoreType">JKS</entry>
- <entry key="metadata.keyStorePassword">local-demo</entry>
- <entry key="metadata.keyPassword">local-demo</entry>
- <entry key="metadata.issuer">CN=metadata, OU=DIGIT, O=EC, L=Brussels, ST=EU, C=BE</entry>
- <entry key="metadata.serialNumber">561BC0C8</entry>
-
-</properties>
diff --git a/id/server/data/deploy/conf/moa-id/eIDAS/encryptionConf.xml b/id/server/data/deploy/conf/moa-id/eIDAS/encryptionConf.xml
deleted file mode 100644
index ff8307f10..000000000
--- a/id/server/data/deploy/conf/moa-id/eIDAS/encryptionConf.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
-<properties>
- <entry key="EncryptTo.CA">false</entry>
-
- <entry key="EncryptTo.CB">false</entry>
-
- <entry key="EncryptTo.CC">false</entry>
-
- <entry key="EncryptTo.CD">false</entry>
-
- <entry key="EncryptTo.CF">false</entry>
-
-</properties>
\ No newline at end of file