Not really, the default for pysaml2 is SHA1 but there exists support for
several other algs.
See src/saml2/xmldsig/__init__.py

Thanks Roland.
I see then how I can easily patch satosa/frontends/saml2.py so that the
signing and digest can be passed into pysaml2.
My proposal is that the configuration saml2_frontend.yaml be (leaving
out the other configuration details) something like
module: satosa.frontends.saml2.SAMLFrontend
name: Saml2IDP
config:
  idp_config:
    key_file: /etc/satosa/frontend.key
    cert_file: /etc/satosa/frontend.crt
    sign_alg: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
    digest_alg: 'http://www.w3.org/2001/04/xmlenc#sha256'
If sign_alg or digest_alg is not present then SATOSA will set them to be
the defaults for pysaml2, i.e.
saml2.xmldsig.sig_default
saml2.xmldsig.digest_default
Thanks,
Scott K
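
The fallback proposed above, sketched as an added example (not SATOSA or pysaml2 code, and not part of the original messages). It assumes the two keys are read from config.idp_config, uses a hypothetical helper name resolve_algs, and hard-codes SHA1 stand-ins for saml2.xmldsig.sig_default and digest_default so it runs without pysaml2. It goes one step beyond the proposal by rejecting unknown URIs and reporting when the result is SHA-1 based.

```python
# Added example, not SATOSA or pysaml2 code.
# XML-DSig algorithm URIs (W3C identifiers) mapped to their hash family.
SIG_ALGS = {
    "http://www.w3.org/2000/09/xmldsig#rsa-sha1": "sha1",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256": "sha256",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384": "sha384",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512": "sha512",
}
DIGEST_ALGS = {
    "http://www.w3.org/2000/09/xmldsig#sha1": "sha1",
    "http://www.w3.org/2001/04/xmlenc#sha256": "sha256",
    "http://www.w3.org/2001/04/xmldsig-more#sha384": "sha384",
    "http://www.w3.org/2001/04/xmlenc#sha512": "sha512",
}
# Stand-ins for saml2.xmldsig.sig_default / digest_default (SHA1, per the thread).
SIG_DEFAULT = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
DIGEST_DEFAULT = "http://www.w3.org/2000/09/xmldsig#sha1"


def resolve_algs(frontend):
    """Return (sign_alg, digest_alg, warnings) for a parsed frontend config."""
    idp = (frontend.get("config") or {}).get("idp_config") or {}
    chosen = {
        "sign_alg": (idp.get("sign_alg", SIG_DEFAULT), SIG_ALGS),
        "digest_alg": (idp.get("digest_alg", DIGEST_DEFAULT), DIGEST_ALGS),
    }
    warnings = []
    for key, (uri, known) in chosen.items():
        if uri not in known:
            # Catches typos and a digest URI pasted into sign_alg (or vice versa).
            raise ValueError(f"{key}: unsupported algorithm URI {uri!r}")
        if known[uri] == "sha1":
            source = "configured" if key in idp else "pysaml2 default"
            warnings.append(f"{key} is SHA-1 based ({source})")
    return chosen["sign_alg"][0], chosen["digest_alg"][0], warnings


# Constructed sample: the proposed saml2_frontend.yaml after YAML parsing.
SAMPLE = {
    "module": "satosa.frontends.saml2.SAMLFrontend",
    "name": "Saml2IDP",
    "config": {"idp_config": {
        "key_file": "/etc/satosa/frontend.key",
        "cert_file": "/etc/satosa/frontend.crt",
        "sign_alg": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
        "digest_alg": "http://www.w3.org/2001/04/xmlenc#sha256",
    }},
}

if __name__ == "__main__":
    print(resolve_algs(SAMPLE))
    print(resolve_algs({"config": {"idp_config": {}}}))
```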