Programme to strengthen XML encryption in the UK federation kicks off on 23 February

Posted on Tuesday, 16 February 2021

Please find below, the text of an email sent to the Jisc-shibboleth mailing list earlier today, which outlines the plans for how the UK federation will raise the strength of XML encryption across the UK federation.

Dear Colleagues,
Over the coming months, Shibboleth and other IdPs which understand algorithm agility metadata [1] will use stronger algorithms when encrypting assertions sent to certain SPs. I'd like to outline plans for how the UK federation will get there.
The first production change will happen on Tuesday 23 February, where we will add a default EncryptionMethod element to all SPs' metadata where there is no EncryptionMethod registered. This will apply to UK federation-registered SPs and to those imported from eduGAIN. You do not have to make any change and this will not affect the interoperation in the vast majority of cases.
The only situation where this will downgrade the strength of XML encryption requires all three of the following to be in effect:
* you must have already configured your IdP to use GCM as the default mode of encryption instead of CBC
* you must be interoperating with a SP that can handle GCM
* that SP's metadata does not include algorithm agility metadata.
We think this is unlikely. However, if you have changed default XML encryption method on your IdP, please contact the UK federation helpdesk at service@ukfederation.org.uk, and we will provide details for how to mitigate the effect.
The second phase will focus on SPs. In the coming weeks and months, we'll be contacting SP operators to ask them to update their registrations with the encryption capabilities of their SP. Note that the majority of Shibboleth SPs registered by the UK federation already have algorithm agility metadata. Note also that the Shibboleth SP has a couple of features that make it easier for us to improve data quality of registered metadata, so we will be contacting Shibboleth SP owners first. If you operate a SP which does not use Shibboleth software, we advise you to contact your software vendor and ask how to determine the XML encryption capabilities of your software.
The third phase will be to help IdP operators to switch the default encryption method on their IdPs to GCM.

[1] SAML v2.0 Metadata Profile for Algorithm Support Version 1.0 http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-metadata-algsupport-v1.0-cs01.html

Edited by SteveGlover on 16 February 2021, at 03:20 PM