JA T3 Framework

Fast. Flexible. Powerful

Dansk

Skip to content

Certificate policy

Why does WAYF have a certificate policy?

All communication to and from WAYF is secured to ensure that unauthorised people cannot listen in nor change the exchanged data. Certificates of sufficient quality ensure that you are communicating with the intended entity. For this reason both WAYF, service providers, and identity providers (institutions) must acquire a certificate for encrypting all data traffic to and from WAYF.

Certificate requirements

The certificate MUST be a X.509 certificate issued by a recognised certificate authority (CA) which enables automatic checking of revocation lists (list of cancelled certificates).

The certificate MUST be issued to the same domain (e.g. sdu.dk) as that of the entity ID being connected to WAYF.

Below are given example values of the Subject of a certificate permissible for the University of Southern Denmark (SDU). SDU has https://wayf.sdu.dk/idp for its entity ID, whose domain part is wayf.sdu.dk. Permissible Subjects are then:

CN=wayf.sdu.dk
CN=*.sdu.dk

WAYF Secretariat
2 H.C. Andersens Boulevard
DK-1553 Copenhagen V
Denmark

www.wayf.dk
sekretariat@wayf.dk

line

You are here:

Top

Skip to content