Feature/is18 html scripts (#19)
* IS-18 Formatting fixes for HTML and PDF conversion

* IS-18 Added MD to HTML conversion script

* IS-18 Added script for release support and added description file
martin-lindstrom authored Mar 23, 2017
1 parent 62a1b4f commit f46e559
Showing 18 changed files with 1,022 additions and 111 deletions.
12 changes: 6 additions & 6 deletions ELN-0602 - Deployment Profile for the Swedish eID Framework.md
Expand Up @@ -79,11 +79,11 @@

7.1. [Authentication Context URIs for Signature Services](#authentication-context-uris-for-signature-services)

7.2. [Authentication Requests](#authentication-requests)
7.2. [Authentication Requests](#authentication-requests2)

7.2.1. [Requesting Display of Signature Message](#requesting-display-of-signature-message)

7.3. [Authentication Responses](#authentication-responses)
7.3. [Authentication Responses](#authentication-responses2)

8. [**Normative References**](#normative-references)
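
Review bot: The new link targets `#authentication-requests2` and `#authentication-responses2` for 7.2 and 7.3 use a bare numeric suffix, which gives no hint of which section each one names, unlike the neighbouring `#authentication-context-uris-for-signature-services` and `#requesting-display-of-signature-message`. A descriptive name that says these are the Signature Service sections would be self-explanatory and harder to mistype. Fragment identifiers are also what other documents deep-link to, so the rename deserves a line in the commit message.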

Expand Down Expand Up @@ -316,7 +316,7 @@ represented with the language attribute `en` (English).

An Identity Provider MAY require authentication request messages to be
signed. This is indicated by assigning the
`WantAuthnRequestsSigned`attribute of the `<md:IDPSSPDescriptor>`
`WantAuthnRequestsSigned` attribute of the `<md:IDPSSPDescriptor>`
element to a value of `true`. See further section E7, “Metadata for
Agreeing to Sign Authentication Requests”, of \[[SAML v2.0 Errata
05](http://docs.oasis-open.org/security/saml/v2.0/errata05/os/saml-v2.0-errata05-os.html)\].
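
Review bot: The line touched here still names the element `<md:IDPSSPDescriptor>`; the SAML metadata element is `<md:IDPSSODescriptor>`. Since this change already fixes the spacing after `WantAuthnRequestsSigned` on that same line, correct the element name too, so implementers checking metadata for the attribute look at the right element.
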
Expand Down Expand Up @@ -1008,7 +1008,7 @@ URIs. The URIs listed above are only used when there is an explicit
requirement for the Identity Provider to display a sign message provided
in the authentication request.

<a name="authentication-requests"></a>
<a name="authentication-requests2"></a>
### 7.2. Authentication Requests

Authentication requests from a Signature Service SHALL meet the
Expand Down Expand Up @@ -1102,7 +1102,7 @@ associated with requests from signature services:
even if the request has no present `ForceAuthn` attribute or includes
a `ForceAuthn` attribute set to the value `false`.

<a name="authentication-responses"></a>
<a name="authentication-responses2"></a>
### 7.3. Authentication Responses

By including an authentication context URI listed in [section 7.1](#authentication-context-uris-for-signature-services) (sign
Expand All @@ -1122,7 +1122,7 @@ MUST be displayed, then the Identity Provider MUST return an error
response with the status code
`urn:oasis:names:tc:SAML:2.0:status:AuthnFailed`.

> \[6\]: As defined in [section 5.3](#request-message-content), only exact matching of authentication context URIs are allowed. As a consequence the Identity Provider can only assert a sign message authentication context URI according to [section 7.1](#authentication-context-uris-for-signature-services) if such an authentication context was requested in the authentication request. It is therefore the responsibility of the Signature Service requesting authentication to always request a sign message authentication context if it requires evidence that the sign message has been displayed to the user.
> \[6\]: As defined in [section 5.3](#message-content), only exact matching of authentication context URIs are allowed. As a consequence the Identity Provider can only assert a sign message authentication context URI according to [section 7.1](#authentication-context-uris-for-signature-services) if such an authentication context was requested in the authentication request. It is therefore the responsibility of the Signature Service requesting authentication to always request a sign message authentication context if it requires evidence that the sign message has been displayed to the user.
<a name="normative-references"></a>
## 8. Normative References
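
Review bot: In footnote [6] the section 5.3 link now targets `#message-content`, but no anchor of that name is visible in this diff, and the anchors that are visible in this file are set with explicit `<a name="...">` tags. Confirm that section 5.3 carries `<a name="message-content"></a>`, otherwise the footnote link is dead in the generated HTML. While the line is being edited, "only exact matching of authentication context URIs are allowed" should read "is allowed".
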
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -278,9 +278,9 @@ The following attributes are defined for use within the attribute profile for th
| :--- | :--- | :--- | :--- | :---: | :--- |
| sn | urn:oid:2.5.4.4 | Surname | Registered surname. | NO | Lindeman |
| givenName | urn:oid:2.5.4.42 | Given Name | Registered given name. | NO | Valfrid |
| displayName | urn:oid:2.16.840.1.113730.3.1.241 | Display Name | A name in any preferred presentation format. | NO | Valfrid Lindeman |
| displayName | urn:oid:2.16.840.1.<br/>113730.3.1.241 | Display Name | A name in any preferred presentation format. | NO | Valfrid Lindeman |
| gender | urn:oid:1.3.6.1.5.5.7.9.3 | Gender | A one letter representation (“M”/”F”/”U” or “m”/“f”/”u”) representing the subject’s gender, where “M” represents male, “F” represents female and “U” is used for unspecified, or unknown, gender. | NO | M |
| personalIdentityNumber | urn:oid:1.2.752.29.4.13 | National civic registration number/code | Swedish ”personnummer” or ”samordningsnummer” according to [SKV 704](http://www.skatteverket.se/download/18.1e6d5f87115319ffba380001857/70408.pdf) and [SKV 707](http://www.skatteverket.se/download/18.3dfca4f410f4fc63c86800016382/70702.pdf). 12 digits without hyphen. | NO | 195006262546 |
| personalIdentity-<br/>Number | urn:oid:1.2.752.29.4.13 | National civic registration number/code | Swedish ”personnummer” or ”samordningsnummer” according to [SKV 704](http://www.skatteverket.se/download/18.1e6d5f87115319ffba380001857/70408.pdf) and [SKV 707](http://www.skatteverket.se/download/18.3dfca4f410f4fc63c86800016382/70702.pdf). 12 digits without hyphen. | NO | 195006262546 |
| dateOfBirth | urn:oid:1.3.6.1.5.5.7.9.1 | Date of birth | Date of birth expressed using the format YYYY-MM-DD. | NO | 1950-06-26 |
| birthName | urn:oid:1.2.752.201.3.8 | Name at the time of birth | Full name of a person at birth. | NO | Valfrid Danielsson |
| street | urn:oid:2.5.4.9 | Street address | Street address. | NO | Mosebacke torg 3 |
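
Review bot: `personalIdentity-<br/>Number` puts a literal hyphen into the attribute name column, so the rendered table shows `personalIdentity-Number`, which is not the attribute's name; anyone copying the name out of the HTML or PDF gets a string that matches nothing. The `displayName` OID is likewise split by `<br/>` after `2.16.840.1.`. For identifiers that implementers compare exactly, drop the hyphen and use a break opportunity such as `<wbr>`, or set column widths and wrapping in the conversion stylesheet, so the Markdown source keeps each identifier intact.
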
Expand All @@ -292,8 +292,8 @@ The following attributes are defined for use within the attribute profile for th
| countryOfCitizenship | urn:oid:1.3.6.1.5.5.7.9.4 | Country of citizenship | ISO 3166-1 alpha-2 \[ISO3166\] two letter country code representing a country of citizenship. | YES | SE |
| countryOfResidence | urn:oid:1.3.6.1.5.5.7.9.5 | Country of Residence | ISO 3166-1 alpha-2 \[ISO3166\] two letter country code representing the country of residence. | NO | SE |
| telephoneNumber | urn:oid:2.5.4.20 | Telephone number | Telephone number. | YES | +46890510 |
| mobile | urn:oid:0.9.2342.19200300.100.1.41 | Mobile number | Mobile number. | YES | +46703419886 |
| mail | urn:oid:0.9.2342.19200300.100.1.3 | E-mail address | E-mail address. | YES | [email protected] |
| mobile | urn:oid:0.9.2342.<br/>19200300.100.1.41 | Mobile number | Mobile number. | YES | +46703419886 |
| mail | urn:oid:0.9.2342.<br/>19200300.100.1.3 | E-mail address | E-mail address. | YES | [email protected] |
| o | urn:oid:2.5.4.10 | Organization name | Registered organization name. | NO | Skatteverket |
| ou | urn:oid:2.5.4.11 | Organizational unit name | Organizational unit name. | YES | IT-Avdelningen |
| organizationIdentifier | urn:oid:2.5.4.97 | Organizational identifier code | Swedish “organisationsnummer” according to [SKV 709](http://www.skatteverket.se/download/18.70ac421612e2a997f85800040302/70909svartvit.pdf). 10 digits without hyphen. | NO | 5562265719 |
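
Review bot: The `mobile` and `mail` rows now break their OIDs mid-value (`urn:oid:0.9.2342.<br/>19200300.100.1.41`), so a search of the source for the full OID no longer finds it and a copy from the rendered table picks up a line break inside the value. Keep each OID as one token in the Markdown and handle wrapping in the HTML/PDF conversion step instead.
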
Expand All @@ -306,8 +306,8 @@ The following attributes are defined for use within the attribute profile for th
| sad | urn:oid:1.2.752.201.3.12 | Signature activation data | Signature activation data required by signature services. | NO | See [section 3.2.3](#the-sad-attribute) below. |
| prid | urn:oid:1.2.752.201.3.4 | Provisional identifier | Unique identifier for an authentication performed against the eIDAS Framework. See [section 3.3.1](#the-prid-and-pridpersistence-attributes) below. | NO | NO:5068907693 |
| pridPersistence | urn:oid:1.2.752.201.3.5 | Provisional identifier persistence indicator | Indicator for the expected persistence of the prid attribute. See [section 3.3.1](#the-prid-and-pridpersistence-attributes) below. | NO | A |
| personalIdentityNumberBinding | urn:oid:1.2.752.201.3.6 | National civic registration number/code binding URI | The type of binding performed of personalIdentityNumber attribute added by eIDAS connector. See [section 3.3.2](#the-personalidentitynumberbinding-attribute) below. | NO | http://eid.org.se/presentedInPerson |
| eidasPersonIdentifier | urn:oid:1.2.752.201.3.7 | eIDAS uniqueness identifier for natural persons | Maps the eIDAS PersonIdentifier attribute to a string attribute within the scope of the Swedish eID Framework attribute set. | NO | ES/AT/02635542Y (Spanish eID number for an Austrian SP) || eidasNaturalPersonAddress | urn:oid:1.2.752.201.3.9 | eIDAS Natural Person Address | Attribute for converting the eIDAS CurrentAddress attribute into an attribute having a string type value. | NO | See [section 3.3.3.1](#conversion-of-eidas-currentaddress) below. |
| personalIdentity-<br/>NumberBinding | urn:oid:1.2.752.201.3.6 | National civic registration number/code binding URI | The type of binding performed of personalIdentityNumber attribute added by eIDAS connector. See [section 3.3.2](#the-personalidentitynumberbinding-attribute) below. | NO | http://eid.org.se/presentedInPerson |
| eidasPersonIdentifier | urn:oid:1.2.752.201.3.7 | eIDAS uniqueness identifier for natural persons | Maps the eIDAS PersonIdentifier attribute to a string attribute within the scope of the Swedish eID Framework attribute set. | NO | ES/AT/02635542Y (Spanish eID number for an Austrian SP) || eidasNatural-<br/>PersonAddress | urn:oid:1.2.752.201.3.9 | eIDAS Natural Person Address | Attribute for converting the eIDAS CurrentAddress attribute into an attribute having a string type value. | NO | See [section 3.3.3.1](#conversion-of-eidas-currentaddress) below. |

All attributes, unless stated otherwise in this table, holds string values using the UTF-8 character set using the `xs:string` data type. Certain attributes such as `mail`, `personalIdentityNumber`, `organizationIdentifier`, `telephoneNumber` and `mobile` use a restricted character set according to its defined usage within this specification.
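
Review bot: The `eidasPersonIdentifier` line still has the `eidasNaturalPersonAddress` row fused onto its end with `||`, and the change only adds `-<br/>` inside the fused part. Split it into two table rows so `eidasNaturalPersonAddress` (`urn:oid:1.2.752.201.3.9`) gets a line of its own; as written, a Markdown table parser sees one row with extra cells.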

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -293,14 +293,14 @@ declared in the `MimeType` attribute.
For messages in HTML format, the message MUST NOT contain tags and
attributes for each tag other than those listed in the following table:

HTML Tags | Type | Allowed attributes
--- | --- | ---
h1, h2, h3, h4 | Headings | style
div, span, p | Section | style
table, tr, td | Table | style
b, strong | Highlight | style
i, u, br | Format
ol, ul, li | List
| HTML Tags | Type | Allowed attributes |
| --- | --- | --- |
| h1, h2, h3, h4 | Headings | style |
| div, span, p | Section | style |
| table, tr, td | Table | style |
| b, strong | Highlight | style |
| i, u, br | Format | &nbsp; |
| ol, ul, li | List | &nbsp; |

Allowed HTML entities for character replacement SHALL be restricted to
`amp`, `gt`, `lt`, `quot` and `nbsp` (in the form `&entity-name;`).
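
Review bot: In the last two rows (`i, u, br` and `ol, ul, li`) the "Allowed attributes" cell is now `&nbsp;`, which leaves an allow-list entry visually blank. The paragraph above makes this table normative for what an HTML sign message may contain, so state the value explicitly, for example "None". That way nobody implementing a sanitizer from this table reads an empty cell as "unspecified" and accepts `style` or other attributes on those tags.
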
Expand Down
16 changes: 8 additions & 8 deletions ELN-0608 - Certificate Profile for Central Signing Services.md
Expand Up @@ -147,19 +147,19 @@ assertion.
<a name="rfc2119"></a>**[RFC2119]**

> [Bradner, S., Key words for use in RFCs to Indicate Requirement
> Levels, March 1997.](http://www.ietf.org/rfc/rfc2119.txt)
> Levels, March 1997](http://www.ietf.org/rfc/rfc2119.txt).
<a name="rfc3739"></a>**[RFC3739]**

> Santesson, S., Nystrom, M., and T. Polk, "Internet X.509 Public Key
> Infrastructure: Qualified Certificates Profile", RFC\\03739, March
> 2004.
> [Santesson, S., Nystrom, M., and T. Polk, "Internet X.509 Public Key
> Infrastructure: Qualified Certificates Profile", RFC 3739, March
> 2004](https://www.ietf.org/rfc/rfc3739.txt).
<a name="rfc5280"></a>**[RFC5280]**

> Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., and
> [Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., and
> W. Polk, "Internet X.509 Public Key Infrastructure Certificate and
> Certificate Revocation List (CRL) Profile", RFC\\05280, May 2008.
> Certificate Revocation List (CRL) Profile", RFC 5280, May 2008](https://www.ietf.org/rfc/rfc5280.txt).
<a name="eu-qc"></a>**[EU-QC]**
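
Review bot: The added links for RFC 3739 and RFC 5280 use `https://www.ietf.org/rfc/...`, while the RFC 2119 entry edited in the same hunk keeps `http://www.ietf.org/rfc/rfc2119.txt`. Use `https` for all three so the reference list is consistent and the normative texts are fetched over an authenticated channel.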

Expand All @@ -184,5 +184,5 @@ assertion.
<a name="skv707"></a>**[SKV707]**

> [Skatteverket, SKV 707 utgåva 2, Samordningsnummer, October
> 2006.](http://www.skatteverket.se/download/18.3dfca4f410f4fc63c86800016382/70702.pdf)
> [Skatteverket, SKV 707, Utgåva 2,
> Samordningsnummer.](http://www.vgregion.se/upload/PVSB/Tj%E4nsteID/Samordningsnummer%20skatteverket.pdf)
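
Review bot: The SKV 707 reference now points at a copy hosted on `www.vgregion.se` over plain `http` instead of `www.skatteverket.se`, and the entry drops the "October 2006" date. The attribute table changed in this same commit still links SKV 707 to `www.skatteverket.se`, so the two documents now disagree on the source. Tie the normative reference to the issuing authority's copy where possible, and keep the edition and date so a reader can check that a mirrored PDF is the same document. The `%E4` in the new path is a Latin-1 percent-escape rather than UTF-8, which makes the link fragile.
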