Add EncryptionMethod elements with AES128-CBC algorithm to production

Add AES128-CBC to SPs that have no block encryption algorithms. Phase 2: add to production and export aggregates See ukf/ukf-meta#243 for details
InCommon · Feb 2, 2021 · 7e763ea · 7e763ea
1 parent d1eeb8b
commit 7e763ea
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 10 deletions.
diff --git a/mdx/uk/README.md b/mdx/uk/README.md
@@ -28,14 +28,11 @@ before being included in the `export` version consumed by interfederation partne
 
 ### Export Preview Aggregate vs. Export Aggregate
 
-Status (2020-09-10):
+Status (2021-02-02):
 
 * The `export-preview` aggregate declares the `alg` namespace on the document element,
   rather than on each `<DigestMethod>` or `<SigningMethod>` element.
 
-* The `export-preview` aggregate adds `<EncryptionMethod>` elements with AES128-CBC
-  to SPs that have no block encryption methods listed
-
 ## Production Maturity Pipeline
 
 The production maturity pipeline consists of:
@@ -63,7 +60,7 @@ when it appeared in the fallback aggregate, which would be too late to take corr
 
 ### Test Aggregate vs. Production Aggregate
 
-Status (2020-09-10):
+Status (2021-02-02):
 
 * The `test` aggregate does not include the `<UKFederationMember>` label (`ukf-meta#34`).
 
@@ -73,9 +70,6 @@ Status (2020-09-10):
 * The `test` aggregate declares the `alg` namespace on the document element,
   rather than on each `<DigestMethod>` or `<SigningMethod>` element.
 
-* The `test` aggregate adds `<EncryptionMethod>` elements with AES128-CBC
-  to SPs that have no block encryption methods listed
-
 ### `cds-all` Aggregate vs. Production Aggregate
 
 Status (2017-12-05):
@@ -86,6 +80,7 @@ Status (2017-12-05):
 
 ### Fallback Aggregate vs. Production Aggregate
 
-Status (2020-09-01):
+Status (2021-02-02):
 
-* These aggregates are currently identical.
+* The `production` aggregate adds `<EncryptionMethod>` elements with AES128-CBC
+  to SPs that have no block encryption methods listed
diff --git a/mdx/uk/generate.xml b/mdx/uk/generate.xml
@@ -311,6 +311,9 @@
                 <ref bean="assembleAggregate"/>
                 <bean parent="mda.SetCacheDurationStage"
                     p:cacheDuration="${cacheDuration.aggregate.duration}"/>
+
+                <ref bean="uk_add_cbc_encryption"/>
+
                 <ref bean="uk_finaliseProduction"/>
                 <ref bean="uk_normaliseNamespaces"/>
 
@@ -828,6 +831,9 @@
                     p:cacheDuration="${cacheDuration.aggregate.duration}"/>
                 <ref bean="stripEntityScopes"/>
                 <ref bean="stripEmptyExtensions"/>
+
+                <ref bean="uk_add_cbc_encryption"/>
+
                 <ref bean="uk_finaliseExport"/>
 
                 <bean id="uk_normaliseExport" parent="mda.XSLTransformationStage"