Update documentation for 1.11 branch.origin/simplesamlphp-1.11

git-svn-id: https://simplesamlphp.googlecode.com/svn/branches/simplesamlphp-1.11@3298 44740490-163a-0410-bde0-09ae8108e29a
author: Jaime Pérez Crespo <jaime.perez@uninett.no> 2013-11-19 16:31:12 +0000
committer: Jaime Pérez Crespo <jaime.perez@uninett.no> 2013-11-19 16:31:12 +0000
commit: 01c2da75719865dae3f52ec58a1ad299b43007f7 (patch)
tree: 25b65128f0387f496ac3f54c93bb7f837dbd5ed9
parent: ee48c89df02281e24b4c47b042ef51bd2df05c93 (diff)
download: simplesamlphp-origin/simplesamlphp-1.11.zip
simplesamlphp-origin/simplesamlphp-1.11.tar.gz
simplesamlphp-origin/simplesamlphp-1.11.tar.bz2
4 files changed, 44 insertions, 0 deletions
diff --git a/docs/simplesamlphp-reference-idp-hosted.txt b/docs/simplesamlphp-reference-idp-hosted.txt
index b2d14ba..b2a708e 100644
--- a/docs/simplesamlphp-reference-idp-hosted.txt
+++ b/docs/simplesamlphp-reference-idp-hosted.txt
@@ -234,6 +234,16 @@ The following SAML 2.0 options are available:
     any value in the SP-remote metadata overrides the one configured
     in the IdP metadata.
 
+`signature.algorithm`
+:   The algorithm to use when signing any message generated by this identity provider. Defaults to RSA-SHA1.
+:   Possible values:
+
+    * `http://www.w3.org/2000/09/xmldsig#rsa-sha1`
+       *Note*: the use of SHA1 is **deprecated** and will be disallowed in the future.
+    * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256`
+    * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384`
+    * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512`
+
 `validate.authnrequest`
 :   Whether we require signatures on authentication requests sent to this IdP.
 
diff --git a/docs/simplesamlphp-reference-idp-remote.txt b/docs/simplesamlphp-reference-idp-remote.txt
index e8af410..2bc9242 100644
--- a/docs/simplesamlphp-reference-idp-remote.txt
+++ b/docs/simplesamlphp-reference-idp-remote.txt
@@ -142,6 +142,18 @@ The following SAML 2.0 options are available:
 `SingleLogoutServiceResponse`
 :   Endpoint URL for logout responses. Overrides the `SingleLogoutService`-option for responses.
 
+`signature.algorithm`
+:   The algorithm to use when signing any message sent to this specific identity provider. Defaults to RSA-SHA1.
+:   Note that this option also exists in the SP configuration.
+    This value in the IdP remote metadata overrides the value in the SP configuration.
+:   Possible values:
+
+    * `http://www.w3.org/2000/09/xmldsig#rsa-sha1`
+       *Note*: the use of SHA1 is **deprecated** and will be disallowed in the future.
+    * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256`
+    * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384`
+    * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512`
+
 `SPNameQualifier`
 :   This corresponds to the SPNameQualifier in the SAML 2.0 specification. It allows to give subjects a SP specific namespace. This option is rarely used, so if you don't need it, leave it out. When left out, simpleSAMLphp assumes the entityID of your SP as the SPNameQualifier.
 
diff --git a/docs/simplesamlphp-reference-sp-remote.txt b/docs/simplesamlphp-reference-sp-remote.txt
index 9fbdcef..4d891bb 100644
--- a/docs/simplesamlphp-reference-sp-remote.txt
+++ b/docs/simplesamlphp-reference-sp-remote.txt
@@ -231,6 +231,18 @@ The following SAML 2.0 options are available:
 :   Note that this option also exists in the IdP-hosted metadata.
     The value in the SP-remote metadata overrides the value in the IdP-hosted metadata.
 
+`signature.algorithm`
+:   The algorithm to use when signing any message sent to this specific service provider. Defaults to RSA-SHA1.
+:   Note that this option also exists in the IdP-hosted metadata.
+    The value in the SP-remote metadata overrides the value in the IdP-hosted metadata.
+:   Possible values:
+
+    * `http://www.w3.org/2000/09/xmldsig#rsa-sha1`
+       *Note*: the use of SHA1 is **deprecated** and will be disallowed in the future.
+    * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256`
+    * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384`
+    * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512`
+
 `simplesaml.nameidattribute`
 :   When the value of the `NameIDFormat`-option is set to either
     `email` or `persistent`, this is the name of the attribute which
diff --git a/modules/saml/docs/sp.txt b/modules/saml/docs/sp.txt
index 84f8ca4..6d05772 100644
--- a/modules/saml/docs/sp.txt
+++ b/modules/saml/docs/sp.txt
@@ -388,6 +388,16 @@ Options
 
 :   *Note*: SAML 2 specific.
 
+`signature.algorithm`
+:   The algorithm to use when signing any message generated by this service provider. Defaults to RSA-SHA1.
+:   Possible values:
+
+    * `http://www.w3.org/2000/09/xmldsig#rsa-sha1`
+       *Note*: the use of SHA1 is **deprecated** and will be disallowed in the future.
+    * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256`
+    * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384`
+    * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512`
+
 `redirect.sign`
 :   Whether authentication requests, logout requests and logout responses sent from this SP should be signed. The default is `FALSE`.
author	Jaime Pérez Crespo <jaime.perez@uninett.no>	2013-11-19 16:31:12 +0000
committer	Jaime Pérez Crespo <jaime.perez@uninett.no>	2013-11-19 16:31:12 +0000
commit	01c2da75719865dae3f52ec58a1ad299b43007f7 (patch)
tree	25b65128f0387f496ac3f54c93bb7f837dbd5ed9
parent	ee48c89df02281e24b4c47b042ef51bd2df05c93 (diff)
download	simplesamlphp-origin/simplesamlphp-1.11.zip simplesamlphp-origin/simplesamlphp-1.11.tar.gz simplesamlphp-origin/simplesamlphp-1.11.tar.bz2