<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<table width="100%" cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr>
<td class="mPadding0" style="padding-bottom: 20px;"
valign="top" align="left">
<table width="100%" cellspacing="0" cellpadding="0"
border="0">
<tbody>
<tr>
<td valign="top" bgcolor="#FFFFFE" align="center">
<table class="mWidth100" style="width: 620px;"
cellspacing="0" cellpadding="0" border="0"
align="center">
<tbody>
<tr>
<td class="mHdrPadding" style="padding: 15px
0px;" valign="top" align="left">
<table width="100%" cellspacing="0"
cellpadding="0" border="0">
<tbody>
<tr>
<td align="left">
<table width="100%" cellspacing="0"
cellpadding="0" border="0">
<tbody>
<tr>
<td class="nb_title"
style="font-family: Arial,
Helvetica, 'Helvetica Neue',
sans-serif; font-size: 19px;
color: #000001; font-weight:
bold; line-height: 22px;"
align="left">SURFconext News
SP-edition 2019 #1</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td class="mHdrPadding" style="padding: 0px
0px;" valign="top" align="left">
<table width="100%" cellspacing="0"
cellpadding="0" border="0">
<tbody>
<tr>
<td style="padding: 0px 0px;"
valign="top" align="left"><img
src="cid:part1.AF13BF95.23EA0421@surfconext.nl"
alt="" moz-do-not-send="false"
class="" width="600" height="125"></td>
</tr>
<tr>
<td style="padding: 0px 0px;
line-height: 0px; font-size: 0px;"
valign="top" height="16"
align="left"><br>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table width="100%" cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr>
<td class="mFlexPadding" style="padding-bottom: 5px;"
valign="top" align="center">
<table class="mWidth100" style="width: 660px;"
cellspacing="0" cellpadding="0" border="0" align="center">
<tbody>
<tr>
<td valign="top" align="left"><br>
<table width="100%" cellspacing="0" cellpadding="0"
border="0">
<tbody>
<tr>
<td class="mPadding0" style="padding-bottom:
20px;" valign="top" align="left">
<table width="100%" cellspacing="0"
cellpadding="0" border="0">
<tbody>
<tr>
<td valign="top" align="left">
<table width="100%" cellspacing="0"
cellpadding="0" border="0">
<tbody>
<tr>
<td class="mHide"
style="width: 12px;
line-height: 0px; margin:
0px; font-size: 0px;"
valign="top">
<h2> </h2>
</td>
<td style="height: 12px;
line-height: 0px; margin:
0px; font-size: 0px;"
height="12"
bgcolor="#FFFFFF"> </td>
<td class="mHide"
style="width: 12px;
line-height: 0px; margin:
0px; font-size: 0px;"
valign="top"> </td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td valign="top" bgcolor="#FFFFFF"
align="center">
<table class="mWidth100"
style="width: 620px;"
cellspacing="0" cellpadding="0"
border="0" align="center">
<tbody>
<tr>
<td class="nb_kop"
style="font-family: Arial,
Helvetica, 'Helvetica Neue',
sans-serif; color: #1570a6;
font-size: 15px;
line-height: 20px;
font-weight: bold; padding:
4px 0px 2px;" valign="top"
align="left"> </td>
</tr>
<tr>
<td valign="top" align="left">
<table width="100%"
cellspacing="0"
cellpadding="0" border="0">
<tbody>
<tr>
<td valign="top"
align="left">This
newsletter will
bring you
information about
new developments
regarding
SURFconext, plans
for the future, tips
and tricks and will
appear on an
irregular basis.<br>
<br>
<span
style="font-weight:
bold;">Who receive
this newsletter?</span><br>
All technical and
administrative
contacts of a
service connected to
SURFconext will
receive this
newsletter.
Subscribe <a
href="https://list.surfnet.nl/mailman/listinfo/surfconext-sp-newsletter">here</a>
and unsubscribe <a
href="https://list.surfnet.nl/mailman/options/surfconext-sp-newsletter">
here</a>.<br>
<br>
For an overview of
all mailings by the
SURFconext team, <a
href="https://wiki.surfnet.nl/pages/viewpage.action?pageId=60701393">see
the following
page.</a><br>
<br>
In this edition:<br>
<ol>
<li>New release SP
Dashboard</li>
<li>SURFconext
staging
environment: end
of life</li>
<li>Blogs:
Attribute
Aggregation</li>
<li>Keep your
software up to
date!<br>
</li>
<li>Complete your
key rollover
before 1 May</li>
</ol>
<h1>New release SP
Dashboard</h1>
<p>Two weeks ago the
new version of the
SP Dashboard has
been released. The
SP Dashboard
allows vendors or
institutions to
independently
manage services on
the SURFconext
platform. The most
important new
features:</p>
<ul>
<li>It is now
possible to
configure
entities based
on OpenID
Connect.</li>
<li>Insight into
both entities
located on the
test environment
and the
production
environment of
SURFconext</li>
<li>The connection
process is
clearly
displayed with
the help of
donuts</li>
</ul>
<p>In addition, the
background
components have
also been
modified, making
support for the
SURFconext team
more efficient. An
example of this is
the link between
SP Dashboard and
our ticketing
system.<br>
<br>
<a
moz-do-not-send="true"
href="https://wiki.surfnet.nl/display/surfconextdev/New+features"> For
an overview of
all new features
see the
following page.</a><span
class="confluence-link"><br>
</span></p>
<h1>SURFconext
staging
environment: end
of life</h1>
<p>SURFconext
currently has
three
environments: (1)
test, (2) staging
(also called
pre-production or
acceptance) and
(3) production.
From <b>1 May
2019</b> the
staging
environment will
disappear. SPs and
IdPs connected to
this environment
will not be
available after
this date. All
institutions
already have been
notified.<br>
</p>
<p>For more
information, <a
moz-do-not-send="true"
href="https://wiki.surfnet.nl/display/surfconextdev/Uitfaseren+staging+omgeving">read
the following
wiki page
including
frequently asked
questions.</a> <br>
</p>
<p>Please let us
know via
support@surfconext
if certain
scenarios your
service depends on
are no longer
supported. We're
happy to help to
find a solution.<br>
</p>
<h1>Blog: Attribute
Aggregation<br>
</h1>
<p><span>Attribute
Aggregation is a
powerful tool
that enables a
user’s identity
to be enriched
with information
from sources
other than the
institution
itself. Group
information or a
researcher ID
can, for
example, be made
available to a
service when
logging in.<br>
</span></p>
<p><span>In her
blogs, Femke
Morsch explains
in detail <a
moz-do-not-send="true"
href="https://blog.surf.nl/en/enrich-your-identity-attribute-aggregation-in-surfconext/">how
Attribute
Aggregation
works</a>, and
<a
moz-do-not-send="true"
href="https://blog.surf.nl/en/ordering-and-reading-with-estudybooks-is-easy-and-safe-with-surfconext/">how
SURFconext
helps to
provide safe
and fast
access to the
eStudybooks
portal</a>.</span></p>
<h1>Keep your
software up to
date!<br>
</h1>
<p dir="ltr"
style="caret-color:
rgb(0, 0, 0);
color: rgb(0, 0,
0); font-size:
12px; font-style:
normal;
font-variant-caps:
normal;
font-weight:
normal;
letter-spacing:
normal;
text-align: start;
text-indent: 0px;
text-transform:
none; white-space:
normal;
word-spacing: 0px;
-moz-text-size-adjust: auto; -webkit-text-stroke-width: 0px;
background-color:
rgb(255, 255,
255);
text-decoration:
none; line-height:
1.38; margin-top:
0pt;
margin-bottom:
0pt;"><span style="font-size: 11pt; color: rgb(0, 0, 0); background-color: transparent; font-weight: 400; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-position: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">SURFconext keeps evolving and we upgrade our platform continuously. Last year we enforced SHA256 as a signing algorithm and as of May 2019 we will update our keys. Service Providers and Identity Providers have been informed about this.</span></p>
<br>
<b>Safety, tools and
upgrades</b><br
style="caret-color:
rgb(0, 0, 0);
color: rgb(0, 0,
0); font-size:
12px; font-style:
normal;
font-variant-caps:
normal;
font-weight:
normal;
letter-spacing:
normal;
text-align: start;
text-indent: 0px;
text-transform:
none; white-space:
normal;
word-spacing: 0px;
-moz-text-size-adjust: auto; -webkit-text-stroke-width: 0px;
background-color:
rgb(255, 255,
255);
text-decoration:
none;">
<p dir="ltr"
style="caret-color:
rgb(0, 0, 0);
color: rgb(0, 0,
0); font-size:
12px; font-style:
normal;
font-variant-caps:
normal;
font-weight:
normal;
letter-spacing:
normal;
text-align: start;
text-indent: 0px;
text-transform:
none; white-space:
normal;
word-spacing: 0px;
-moz-text-size-adjust: auto; -webkit-text-stroke-width: 0px;
background-color:
rgb(255, 255,
255);
text-decoration:
none; line-height:
1.38; margin-top:
0pt;
margin-bottom:
0pt;"><span style="font-size: 11pt; color: rgb(0, 0, 0); background-color: transparent; font-weight: 400; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-position: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">During transitions like these we answer all kinds of questions and we assist in testing services as well as identity providers. With all the interaction we have, we notice that everyone works hard to stay compatible with SURFconext. This doesn't necessarily mean the software running services or identity providers is up to scratch. Have you checked the software recently? Now is a good time as any to do some checks. To start, SURFconext policy mandates the use HTTPS URL's on all protocol endpoints. This means the use of TLS for protecting the communication between clients (a user's browser) and your server. <a moz-do-not-send="true" href="https://edu.nl/pmrw6">Our wiki contains a checklist for the TLS-configuration of your service</a></span><span style="font-size: 11pt; color: rgb(0, 0, 0); background-color: transparent; font-weight: 400; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-position: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><a moz-do-not-send="true" href="https://edu.nl/pmrw6">.</a> SURF offers tools to automate such checks with <a moz-do-not-send="true" href="https://dashboard.surfnet.nl/details.php?id=15">SURFopzichter</a></span><span style="font-size: 11pt; color: rgb(0, 0, 0); background-color: transparent; font-weight: 400; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-position: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">. Another thing you can and probably must do is keep the installation of your SAML or OIDC based software up-to-date. A problem you might run into is that browser support for TLS v1.0 and v1.1 will be dropped in 2020. How such an upgrade should be performed depends on your installation. </span></p>
<br>
<b>More information</b><br
style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); font-size: 12px;
font-style:
normal;
font-variant-caps:
normal;
font-weight:
normal;
letter-spacing:
normal;
text-align: start;
text-indent: 0px;
text-transform:
none; white-space:
normal;
word-spacing: 0px;
-moz-text-size-adjust: auto; -webkit-text-stroke-width: 0px;
background-color:
rgb(255, 255,
255);
text-decoration:
none;">
<a
moz-do-not-send="true"
href="https://edu.nl/ht88r"><span style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; word-spacing: 0px; -moz-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; text-decoration: none; font-size: 11pt; font-variant-ligatures: normal; font-variant-east-asian: normal; font-variant-position: normal; vertical-align: baseline; white-space: pre-wrap;">Visit our wiki for the basics of SimpleSAMLphp, Shibboleth, Wordpress, etc</span></a><span style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; word-spacing: 0px; -moz-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; text-decoration: none; font-size: 11pt; font-variant-ligatures: normal; font-variant-east-asian: normal; font-variant-position: normal; vertical-align: baseline; white-space: pre-wrap;"><a moz-do-not-send="true" href="https://edu.nl/ht88r">.</a> Happy upgrading! </span>
<h1>Complete your
key rollover
before 1 May</h1>
The <a
href="https://edu.nl/keyrollover"
data-mce-href="https://edu.nl/keyrollover">SURFconext metadata migration
and key rollover </a>is
well underway. We
have sent several
emails about this
process to SPs
already and are glad
to see that a large
percentage has
already migrated.
Still, there remains
a significant number
that still has to
complete the
migration before 1
May. Service
providers that have
not migrated will
cease to function
after this date. If
you encounter any
trouble or blockages
in this process, do
not hesitate to
contact us! We are
here to help.<br>
<br>
<hr></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</body>
</html>