From 38d80234f9dd09543bd7b3e46c335447920acedf Mon Sep 17 00:00:00 2001
From: Scott Cantor <cantor.2@osu.edu>
Date: Fri, 30 Oct 2009 17:00:00 +0000
Subject: [PATCH] Correct eol-style property.

---
 schemas/cs-sstc-schema-assertion-01.xsd            |  388 ++---
 schemas/cs-sstc-schema-assertion-1.1.xsd           |  410 ++---
 schemas/cs-sstc-schema-protocol-01.xsd             |  254 +--
 schemas/saml-schema-assertion-2.0.xsd              |  566 +++----
 schemas/saml-schema-authn-context-2.0.xsd          |   44 +-
 ...aml-schema-authn-context-auth-telephony-2.0.xsd |  160 +-
 schemas/saml-schema-authn-context-ip-2.0.xsd       |  128 +-
 schemas/saml-schema-authn-context-ippword-2.0.xsd  |  134 +-
 schemas/saml-schema-authn-context-kerberos-2.0.xsd |  164 +-
 ...chema-authn-context-mobileonefactor-reg-2.0.xsd |  372 ++---
 ...ema-authn-context-mobileonefactor-unreg-2.0.xsd |  366 ++---
 ...chema-authn-context-mobiletwofactor-reg-2.0.xsd |  404 ++---
 ...ema-authn-context-mobiletwofactor-unreg-2.0.xsd |  400 ++---
 ...ml-schema-authn-context-nomad-telephony-2.0.xsd |  160 +-
 ...schema-authn-context-personal-telephony-2.0.xsd |  160 +-
 schemas/saml-schema-authn-context-pgp-2.0.xsd      |  164 +-
 schemas/saml-schema-authn-context-ppt-2.0.xsd      |  160 +-
 schemas/saml-schema-authn-context-pword-2.0.xsd    |  126 +-
 schemas/saml-schema-authn-context-session-2.0.xsd  |  126 +-
 .../saml-schema-authn-context-smartcard-2.0.xsd    |  126 +-
 .../saml-schema-authn-context-smartcardpki-2.0.xsd |  258 +--
 .../saml-schema-authn-context-softwarepki-2.0.xsd  |  258 +--
 schemas/saml-schema-authn-context-spki-2.0.xsd     |  164 +-
 schemas/saml-schema-authn-context-srp-2.0.xsd      |  164 +-
 schemas/saml-schema-authn-context-sslcert-2.0.xsd  |  194 +--
 .../saml-schema-authn-context-telephony-2.0.xsd    |  156 +-
 schemas/saml-schema-authn-context-timesync-2.0.xsd |  210 +--
 schemas/saml-schema-authn-context-types-2.0.xsd    | 1642 ++++++++++----------
 schemas/saml-schema-authn-context-x509-2.0.xsd     |  166 +-
 schemas/saml-schema-authn-context-xmldsig-2.0.xsd  |  166 +-
 schemas/saml-schema-dce-2.0.xsd                    |   58 +-
 schemas/saml-schema-ecp-2.0.xsd                    |  114 +-
 schemas/saml-schema-metadata-2.0.xsd               |  674 ++++----
 schemas/saml-schema-protocol-2.0.xsd               |  604 +++----
 schemas/saml-schema-x500-2.0.xsd                   |   40 +-
 schemas/saml-schema-xacml-2.0.xsd                  |   38 +-
 schemas/sstc-metadata-attr.xsd                     |   70 +-
 schemas/sstc-saml-attribute-ext.xsd                |   50 +-
 schemas/sstc-saml-delegation.xsd                   |   80 +-
 schemas/sstc-saml-metadata-ext-query.xsd           |  132 +-
 schemas/sstc-saml-protocol-ext-thirdparty.xsd      |   58 +-
 schemas/sstc-saml1x-metadata.xsd                   |   50 +-
 42 files changed, 5079 insertions(+), 5079 deletions(-)
diff --git a/schemas/cs-sstc-schema-assertion-01.xsd b/schemas/cs-sstc-schema-assertion-01.xsd
index 8bc5af1..d41f3e8 100644
--- a/schemas/cs-sstc-schema-assertion-01.xsd
+++ b/schemas/cs-sstc-schema-assertion-01.xsd
@@ -1,194 +1,194 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- edited with XML Spy v3.5 NT (http://www.xmlspy.com) by Phill Hallam-Baker (VeriSign Inc.) -->
-<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified">
-        <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
-        <annotation>
-                <documentation>
-                Document identifier: cs-sstc-schema-assertion-01
-                Location: http://www.oasis-open.org/committees/security/docs/
-                </documentation>
-        </annotation>
-        <simpleType name="IDType">
-                <restriction base="string"/>
-        </simpleType>
-        <simpleType name="IDReferenceType">
-                <restriction base="string"/>
-        </simpleType>
-        <simpleType name="DecisionType">
-                <restriction base="string">
-                        <enumeration value="Permit"/>
-                        <enumeration value="Deny"/>
-                        <enumeration value="Indeterminate"/>
-                </restriction>
-        </simpleType>
-        <element name="AssertionIDReference" type="saml:IDReferenceType"/>
-        <element name="Assertion" type="saml:AssertionType"/>
-        <complexType name="AssertionType">
-                <sequence>
-                        <element ref="saml:Conditions" minOccurs="0"/>
-                        <element ref="saml:Advice" minOccurs="0"/>
-                        <choice maxOccurs="unbounded">
-                                <element ref="saml:Statement"/>
-                                <element ref="saml:SubjectStatement"/>
-                                <element ref="saml:AuthenticationStatement"/>
-                                <element ref="saml:AuthorizationDecisionStatement"/>
-                                <element ref="saml:AttributeStatement"/>
-                        </choice>
-                        <element ref="ds:Signature" minOccurs="0"/>
-                </sequence>
-                <attribute name="MajorVersion" type="integer" use="required"/>
-                <attribute name="MinorVersion" type="integer" use="required"/>
-                <attribute name="AssertionID" type="saml:IDType" use="required"/>
-                <attribute name="Issuer" type="string" use="required"/>
-                <attribute name="IssueInstant" type="dateTime" use="required"/>
-        </complexType>
-        <element name="Conditions" type="saml:ConditionsType"/>
-        <complexType name="ConditionsType">
-                <choice minOccurs="0" maxOccurs="unbounded">
-                        <element ref="saml:AudienceRestrictionCondition"/>
-                        <element ref="saml:Condition"/>
-                </choice>
-                <attribute name="NotBefore" type="dateTime" use="optional"/>
-                <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
-        </complexType>
-        <element name="Condition" type="saml:ConditionAbstractType"/>
-        <complexType name="ConditionAbstractType" abstract="true"/>
-        <element name="AudienceRestrictionCondition" type="saml:AudienceRestrictionConditionType"/>
-        <complexType name="AudienceRestrictionConditionType">
-                <complexContent>
-                        <extension base="saml:ConditionAbstractType">
-                                <sequence>
-                                        <element ref="saml:Audience" maxOccurs="unbounded"/>
-                                </sequence>
-                        </extension>
-                </complexContent>
-        </complexType>
-        <element name="Audience" type="anyURI"/>
-        <element name="Advice" type="saml:AdviceType"/>
-        <complexType name="AdviceType">
-                <choice minOccurs="0" maxOccurs="unbounded">
-                        <element ref="saml:AssertionIDReference"/>
-                        <element ref="saml:Assertion"/>
-                        <any namespace="##other" processContents="lax"/>
-                </choice>
-        </complexType>
-        <element name="Statement" type="saml:StatementAbstractType"/>
-        <complexType name="StatementAbstractType" abstract="true"/>
-        <element name="SubjectStatement" type="saml:SubjectStatementAbstractType"/>
-        <complexType name="SubjectStatementAbstractType" abstract="true">
-                <complexContent>
-                        <extension base="saml:StatementAbstractType">
-                                <sequence>
-                                        <element ref="saml:Subject"/>
-                                </sequence>
-                        </extension>
-                </complexContent>
-        </complexType>
-        <element name="Subject" type="saml:SubjectType"/>
-        <complexType name="SubjectType">
-                <choice>
-                        <sequence>
-                                <element ref="saml:NameIdentifier"/>
-                                <element ref="saml:SubjectConfirmation" minOccurs="0"/>
-                        </sequence>
-                        <element ref="saml:SubjectConfirmation"/>
-                </choice>
-        </complexType>
-        <element name="NameIdentifier" type="saml:NameIdentifierType"/>
-        <complexType name="NameIdentifierType">
-                <simpleContent>
-                        <extension base="string">
-                                <attribute name="NameQualifier" type="string" use="optional"/>
-                                <attribute name="Format" type="anyURI" use="optional"/>
-                        </extension>
-                </simpleContent>
-        </complexType>
-        <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
-        <complexType name="SubjectConfirmationType">
-                <sequence>
-                        <element ref="saml:ConfirmationMethod" maxOccurs="unbounded"/>
-                        <element ref="saml:SubjectConfirmationData" minOccurs="0"/>
-                        <element ref="ds:KeyInfo" minOccurs="0"/>
-                </sequence>
-        </complexType>
-        <element name="SubjectConfirmationData" type="anyType"/>
-        <element name="ConfirmationMethod" type="anyURI"/>
-        <element name="AuthenticationStatement" type="saml:AuthenticationStatementType"/>
-        <complexType name="AuthenticationStatementType">
-                <complexContent>
-                        <extension base="saml:SubjectStatementAbstractType">
-                                <sequence>
-                                        <element ref="saml:SubjectLocality" minOccurs="0"/>
-                                        <element ref="saml:AuthorityBinding" minOccurs="0" maxOccurs="unbounded"/>
-                                </sequence>
-                                <attribute name="AuthenticationMethod" type="anyURI" use="required"/>
-                                <attribute name="AuthenticationInstant" type="dateTime" use="required"/>
-                        </extension>
-                </complexContent>
-        </complexType>
-        <element name="SubjectLocality" type="saml:SubjectLocalityType"/>
-        <complexType name="SubjectLocalityType">
-                <attribute name="IPAddress" type="string" use="optional"/>
-                <attribute name="DNSAddress" type="string" use="optional"/>
-        </complexType>
-        <element name="AuthorityBinding" type="saml:AuthorityBindingType"/>
-        <complexType name="AuthorityBindingType">
-                <attribute name="AuthorityKind" type="QName" use="required"/>
-                <attribute name="Location" type="anyURI" use="required"/>
-                <attribute name="Binding" type="anyURI" use="required"/>
-        </complexType>
-        <element name="AuthorizationDecisionStatement" type="saml:AuthorizationDecisionStatementType"/>
-        <complexType name="AuthorizationDecisionStatementType">
-                <complexContent>
-                        <extension base="saml:SubjectStatementAbstractType">
-                                <sequence>
-                                        <element ref="saml:Action" maxOccurs="unbounded"/>
-                                        <element ref="saml:Evidence" minOccurs="0"/>
-                                </sequence>
-                                <attribute name="Resource" type="anyURI" use="required"/>
-                                <attribute name="Decision" type="saml:DecisionType" use="required"/>
-                        </extension>
-                </complexContent>
-        </complexType>
-        <element name="Action" type="saml:ActionType"/>
-        <complexType name="ActionType">
-                <simpleContent>
-                        <extension base="string">
-                                <attribute name="Namespace" type="anyURI"/>
-                        </extension>
-                </simpleContent>
-        </complexType>
-        <element name="Evidence" type="saml:EvidenceType"/>
-        <complexType name="EvidenceType">
-                <choice maxOccurs="unbounded">
-                        <element ref="saml:AssertionIDReference"/>
-                        <element ref="saml:Assertion"/>
-                </choice>
-        </complexType>
-        <element name="AttributeStatement" type="saml:AttributeStatementType"/>
-        <complexType name="AttributeStatementType">
-                <complexContent>
-                        <extension base="saml:SubjectStatementAbstractType">
-                                <sequence>
-                                        <element ref="saml:Attribute" maxOccurs="unbounded"/>
-                                </sequence>
-                        </extension>
-                </complexContent>
-        </complexType>
-        <element name="AttributeDesignator" type="saml:AttributeDesignatorType"/>
-        <complexType name="AttributeDesignatorType">
-                <attribute name="AttributeName" type="string" use="required"/>
-                <attribute name="AttributeNamespace" type="anyURI" use="required"/>
-        </complexType>
-        <element name="Attribute" type="saml:AttributeType"/>
-        <complexType name="AttributeType">
-                <complexContent>
-                        <extension base="saml:AttributeDesignatorType">
-                                <sequence>
-                                        <element ref="saml:AttributeValue" maxOccurs="unbounded"/>
-                                </sequence>
-                        </extension>
-                </complexContent>
-        </complexType>
-        <element name="AttributeValue" type="anyType"/>
-</schema>
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XML Spy v3.5 NT (http://www.xmlspy.com) by Phill Hallam-Baker (VeriSign Inc.) -->
+<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified">
+        <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+        <annotation>
+                <documentation>
+                Document identifier: cs-sstc-schema-assertion-01
+                Location: http://www.oasis-open.org/committees/security/docs/
+                </documentation>
+        </annotation>
+        <simpleType name="IDType">
+                <restriction base="string"/>
+        </simpleType>
+        <simpleType name="IDReferenceType">
+                <restriction base="string"/>
+        </simpleType>
+        <simpleType name="DecisionType">
+                <restriction base="string">
+                        <enumeration value="Permit"/>
+                        <enumeration value="Deny"/>
+                        <enumeration value="Indeterminate"/>
+                </restriction>
+        </simpleType>
+        <element name="AssertionIDReference" type="saml:IDReferenceType"/>
+        <element name="Assertion" type="saml:AssertionType"/>
+        <complexType name="AssertionType">
+                <sequence>
+                        <element ref="saml:Conditions" minOccurs="0"/>
+                        <element ref="saml:Advice" minOccurs="0"/>
+                        <choice maxOccurs="unbounded">
+                                <element ref="saml:Statement"/>
+                                <element ref="saml:SubjectStatement"/>
+                                <element ref="saml:AuthenticationStatement"/>
+                                <element ref="saml:AuthorizationDecisionStatement"/>
+                                <element ref="saml:AttributeStatement"/>
+                        </choice>
+                        <element ref="ds:Signature" minOccurs="0"/>
+                </sequence>
+                <attribute name="MajorVersion" type="integer" use="required"/>
+                <attribute name="MinorVersion" type="integer" use="required"/>
+                <attribute name="AssertionID" type="saml:IDType" use="required"/>
+                <attribute name="Issuer" type="string" use="required"/>
+                <attribute name="IssueInstant" type="dateTime" use="required"/>
+        </complexType>
+        <element name="Conditions" type="saml:ConditionsType"/>
+        <complexType name="ConditionsType">
+                <choice minOccurs="0" maxOccurs="unbounded">
+                        <element ref="saml:AudienceRestrictionCondition"/>
+                        <element ref="saml:Condition"/>
+                </choice>
+                <attribute name="NotBefore" type="dateTime" use="optional"/>
+                <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
+        </complexType>
+        <element name="Condition" type="saml:ConditionAbstractType"/>
+        <complexType name="ConditionAbstractType" abstract="true"/>
+        <element name="AudienceRestrictionCondition" type="saml:AudienceRestrictionConditionType"/>
+        <complexType name="AudienceRestrictionConditionType">
+                <complexContent>
+                        <extension base="saml:ConditionAbstractType">
+                                <sequence>
+                                        <element ref="saml:Audience" maxOccurs="unbounded"/>
+                                </sequence>
+                        </extension>
+                </complexContent>
+        </complexType>
+        <element name="Audience" type="anyURI"/>
+        <element name="Advice" type="saml:AdviceType"/>
+        <complexType name="AdviceType">
+                <choice minOccurs="0" maxOccurs="unbounded">
+                        <element ref="saml:AssertionIDReference"/>
+                        <element ref="saml:Assertion"/>
+                        <any namespace="##other" processContents="lax"/>
+                </choice>
+        </complexType>
+        <element name="Statement" type="saml:StatementAbstractType"/>
+        <complexType name="StatementAbstractType" abstract="true"/>
+        <element name="SubjectStatement" type="saml:SubjectStatementAbstractType"/>
+        <complexType name="SubjectStatementAbstractType" abstract="true">
+                <complexContent>
+                        <extension base="saml:StatementAbstractType">
+                                <sequence>
+                                        <element ref="saml:Subject"/>
+                                </sequence>
+                        </extension>
+                </complexContent>
+        </complexType>
+        <element name="Subject" type="saml:SubjectType"/>
+        <complexType name="SubjectType">
+                <choice>
+                        <sequence>
+                                <element ref="saml:NameIdentifier"/>
+                                <element ref="saml:SubjectConfirmation" minOccurs="0"/>
+                        </sequence>
+                        <element ref="saml:SubjectConfirmation"/>
+                </choice>
+        </complexType>
+        <element name="NameIdentifier" type="saml:NameIdentifierType"/>
+        <complexType name="NameIdentifierType">
+                <simpleContent>
+                        <extension base="string">
+                                <attribute name="NameQualifier" type="string" use="optional"/>
+                                <attribute name="Format" type="anyURI" use="optional"/>
+                        </extension>
+                </simpleContent>
+        </complexType>
+        <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
+        <complexType name="SubjectConfirmationType">
+                <sequence>
+                        <element ref="saml:ConfirmationMethod" maxOccurs="unbounded"/>
+                        <element ref="saml:SubjectConfirmationData" minOccurs="0"/>
+                        <element ref="ds:KeyInfo" minOccurs="0"/>
+                </sequence>
+        </complexType>
+        <element name="SubjectConfirmationData" type="anyType"/>
+        <element name="ConfirmationMethod" type="anyURI"/>
+        <element name="AuthenticationStatement" type="saml:AuthenticationStatementType"/>
+        <complexType name="AuthenticationStatementType">
+                <complexContent>
+                        <extension base="saml:SubjectStatementAbstractType">
+                                <sequence>
+                                        <element ref="saml:SubjectLocality" minOccurs="0"/>
+                                        <element ref="saml:AuthorityBinding" minOccurs="0" maxOccurs="unbounded"/>
+                                </sequence>
+                                <attribute name="AuthenticationMethod" type="anyURI" use="required"/>
+                                <attribute name="AuthenticationInstant" type="dateTime" use="required"/>
+                        </extension>
+                </complexContent>
+        </complexType>
+        <element name="SubjectLocality" type="saml:SubjectLocalityType"/>
+        <complexType name="SubjectLocalityType">
+                <attribute name="IPAddress" type="string" use="optional"/>
+                <attribute name="DNSAddress" type="string" use="optional"/>
+        </complexType>
+        <element name="AuthorityBinding" type="saml:AuthorityBindingType"/>
+        <complexType name="AuthorityBindingType">
+                <attribute name="AuthorityKind" type="QName" use="required"/>
+                <attribute name="Location" type="anyURI" use="required"/>
+                <attribute name="Binding" type="anyURI" use="required"/>
+        </complexType>
+        <element name="AuthorizationDecisionStatement" type="saml:AuthorizationDecisionStatementType"/>
+        <complexType name="AuthorizationDecisionStatementType">
+                <complexContent>
+                        <extension base="saml:SubjectStatementAbstractType">
+                                <sequence>
+                                        <element ref="saml:Action" maxOccurs="unbounded"/>
+                                        <element ref="saml:Evidence" minOccurs="0"/>
+                                </sequence>
+                                <attribute name="Resource" type="anyURI" use="required"/>
+                                <attribute name="Decision" type="saml:DecisionType" use="required"/>
+                        </extension>
+                </complexContent>
+        </complexType>
+        <element name="Action" type="saml:ActionType"/>
+        <complexType name="ActionType">
+                <simpleContent>
+                        <extension base="string">
+                                <attribute name="Namespace" type="anyURI"/>
+                        </extension>
+                </simpleContent>
+        </complexType>
+        <element name="Evidence" type="saml:EvidenceType"/>
+        <complexType name="EvidenceType">
+                <choice maxOccurs="unbounded">
+                        <element ref="saml:AssertionIDReference"/>
+                        <element ref="saml:Assertion"/>
+                </choice>
+        </complexType>
+        <element name="AttributeStatement" type="saml:AttributeStatementType"/>
+        <complexType name="AttributeStatementType">
+                <complexContent>
+                        <extension base="saml:SubjectStatementAbstractType">
+                                <sequence>
+                                        <element ref="saml:Attribute" maxOccurs="unbounded"/>
+                                </sequence>
+                        </extension>
+                </complexContent>
+        </complexType>
+        <element name="AttributeDesignator" type="saml:AttributeDesignatorType"/>
+        <complexType name="AttributeDesignatorType">
+                <attribute name="AttributeName" type="string" use="required"/>
+                <attribute name="AttributeNamespace" type="anyURI" use="required"/>
+        </complexType>
+        <element name="Attribute" type="saml:AttributeType"/>
+        <complexType name="AttributeType">
+                <complexContent>
+                        <extension base="saml:AttributeDesignatorType">
+                                <sequence>
+                                        <element ref="saml:AttributeValue" maxOccurs="unbounded"/>
+                                </sequence>
+                        </extension>
+                </complexContent>
+        </complexType>
+        <element name="AttributeValue" type="anyType"/>
+</schema>
diff --git a/schemas/cs-sstc-schema-assertion-1.1.xsd b/schemas/cs-sstc-schema-assertion-1.1.xsd
index 97d0ddd..ea8f7a4 100644
--- a/schemas/cs-sstc-schema-assertion-1.1.xsd
+++ b/schemas/cs-sstc-schema-assertion-1.1.xsd
@@ -1,205 +1,205 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:assertion" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="unqualified" attributeFormDefault="unqualified" version="1.1">
-	<import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
-	<annotation>
-		<documentation>
-                Document identifier: sstc-saml-schema-assertion-1.1-draft-02
-                Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
-                Revision history:
-                draft-01 (Eve Maler):
-                  Note that V1.1 of this schema has the same namespace as V1.0.
-                  Minor cosmetic updates.
-                  Changed IDType to restrict from xsd:ID.
-                  Changed IDReferenceType to restrict from xsd:IDREF.
-                  Set version attribute on schema element to 1.1.
-                draft-02 (Prateek Mishra, Rob Philpott):
-                  Added DoNotCacheCondition element and DoNotCacheConditionType
-                draft-03 (Scott Cantor)
-				  Rebased ID content directly on XML Schema types
-                </documentation>
-	</annotation>
-	<simpleType name="DecisionType">
-		<restriction base="string">
-			<enumeration value="Permit"/>
-			<enumeration value="Deny"/>
-			<enumeration value="Indeterminate"/>
-		</restriction>
-	</simpleType>
-	<element name="AssertionIDReference" type="NCName"/>
-	<element name="Assertion" type="saml:AssertionType"/>
-	<complexType name="AssertionType">
-		<sequence>
-			<element ref="saml:Conditions" minOccurs="0"/>
-			<element ref="saml:Advice" minOccurs="0"/>
-			<choice maxOccurs="unbounded">
-				<element ref="saml:Statement"/>
-				<element ref="saml:SubjectStatement"/>
-				<element ref="saml:AuthenticationStatement"/>
-				<element ref="saml:AuthorizationDecisionStatement"/>
-				<element ref="saml:AttributeStatement"/>
-			</choice>
-			<element ref="ds:Signature" minOccurs="0"/>
-		</sequence>
-		<attribute name="MajorVersion" type="integer" use="required"/>
-		<attribute name="MinorVersion" type="integer" use="required"/>
-		<attribute name="AssertionID" type="ID" use="required"/>
-		<attribute name="Issuer" type="string" use="required"/>
-		<attribute name="IssueInstant" type="dateTime" use="required"/>
-	</complexType>
-	<element name="Conditions" type="saml:ConditionsType"/>
-	<complexType name="ConditionsType">
-		<choice minOccurs="0" maxOccurs="unbounded">
-			<element ref="saml:AudienceRestrictionCondition"/>
-			<element ref="saml:DoNotCacheCondition"/>
-			<element ref="saml:Condition"/>
-		</choice>
-		<attribute name="NotBefore" type="dateTime" use="optional"/>
-		<attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
-	</complexType>
-	<element name="Condition" type="saml:ConditionAbstractType"/>
-	<complexType name="ConditionAbstractType" abstract="true"/>
-	<element name="AudienceRestrictionCondition" type="saml:AudienceRestrictionConditionType"/>
-	<complexType name="AudienceRestrictionConditionType">
-		<complexContent>
-			<extension base="saml:ConditionAbstractType">
-				<sequence>
-					<element ref="saml:Audience" maxOccurs="unbounded"/>
-				</sequence>
-			</extension>
-		</complexContent>
-	</complexType>
-	<element name="Audience" type="anyURI"/>
-	<element name="DoNotCacheCondition" type="saml:DoNotCacheConditionType" />
-	<complexType name="DoNotCacheConditionType">
-		<complexContent>
-			<extension base="saml:ConditionAbstractType"/>
-		</complexContent>
-	</complexType>
-	<element name="Advice" type="saml:AdviceType"/>
-	<complexType name="AdviceType">
-		<choice minOccurs="0" maxOccurs="unbounded">
-			<element ref="saml:AssertionIDReference"/>
-			<element ref="saml:Assertion"/>
-			<any namespace="##other" processContents="lax"/>
-		</choice>
-	</complexType>
-	<element name="Statement" type="saml:StatementAbstractType"/>
-	<complexType name="StatementAbstractType" abstract="true"/>
-	<element name="SubjectStatement" type="saml:SubjectStatementAbstractType"/>
-	<complexType name="SubjectStatementAbstractType" abstract="true">
-		<complexContent>
-			<extension base="saml:StatementAbstractType">
-				<sequence>
-					<element ref="saml:Subject"/>
-				</sequence>
-			</extension>
-		</complexContent>
-	</complexType>
-	<element name="Subject" type="saml:SubjectType"/>
-	<complexType name="SubjectType">
-		<choice>
-			<sequence>
-				<element ref="saml:NameIdentifier"/>
-				<element ref="saml:SubjectConfirmation" minOccurs="0"/>
-			</sequence>
-			<element ref="saml:SubjectConfirmation"/>
-		</choice>
-	</complexType>
-	<element name="NameIdentifier" type="saml:NameIdentifierType"/>
-	<complexType name="NameIdentifierType">
-		<simpleContent>
-			<extension base="string">
-				<attribute name="NameQualifier" type="string" use="optional"/>
-				<attribute name="Format" type="anyURI" use="optional"/>
-			</extension>
-		</simpleContent>
-	</complexType>
-	<element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
-	<complexType name="SubjectConfirmationType">
-		<sequence>
-			<element ref="saml:ConfirmationMethod" maxOccurs="unbounded"/>
-			<element ref="saml:SubjectConfirmationData" minOccurs="0"/>
-			<element ref="ds:KeyInfo" minOccurs="0"/>
-		</sequence>
-	</complexType>
-	<element name="SubjectConfirmationData" type="anyType"/>
-	<element name="ConfirmationMethod" type="anyURI"/>
-	<element name="AuthenticationStatement" type="saml:AuthenticationStatementType"/>
-	<complexType name="AuthenticationStatementType">
-		<complexContent>
-			<extension base="saml:SubjectStatementAbstractType">
-				<sequence>
-					<element ref="saml:SubjectLocality" minOccurs="0"/>
-					<element ref="saml:AuthorityBinding" minOccurs="0" maxOccurs="unbounded"/>
-				</sequence>
-				<attribute name="AuthenticationMethod" type="anyURI" use="required"/>
-				<attribute name="AuthenticationInstant" type="dateTime" use="required"/>
-			</extension>
-		</complexContent>
-	</complexType>
-	<element name="SubjectLocality" type="saml:SubjectLocalityType"/>
-	<complexType name="SubjectLocalityType">
-		<attribute name="IPAddress" type="string" use="optional"/>
-		<attribute name="DNSAddress" type="string" use="optional"/>
-	</complexType>
-	<element name="AuthorityBinding" type="saml:AuthorityBindingType"/>
-	<complexType name="AuthorityBindingType">
-		<attribute name="AuthorityKind" type="QName" use="required"/>
-		<attribute name="Location" type="anyURI" use="required"/>
-		<attribute name="Binding" type="anyURI" use="required"/>
-	</complexType>
-	<element name="AuthorizationDecisionStatement" type="saml:AuthorizationDecisionStatementType"/>
-	<complexType name="AuthorizationDecisionStatementType">
-		<complexContent>
-			<extension base="saml:SubjectStatementAbstractType">
-				<sequence>
-					<element ref="saml:Action" maxOccurs="unbounded"/>
-					<element ref="saml:Evidence" minOccurs="0"/>
-				</sequence>
-				<attribute name="Resource" type="anyURI" use="required"/>
-				<attribute name="Decision" type="saml:DecisionType" use="required"/>
-			</extension>
-		</complexContent>
-	</complexType>
-	<element name="Action" type="saml:ActionType"/>
-	<complexType name="ActionType">
-		<simpleContent>
-			<extension base="string">
-				<attribute name="Namespace" type="anyURI"/>
-			</extension>
-		</simpleContent>
-	</complexType>
-	<element name="Evidence" type="saml:EvidenceType"/>
-	<complexType name="EvidenceType">
-		<choice maxOccurs="unbounded">
-			<element ref="saml:AssertionIDReference"/>
-			<element ref="saml:Assertion"/>
-		</choice>
-	</complexType>
-	<element name="AttributeStatement" type="saml:AttributeStatementType"/>
-	<complexType name="AttributeStatementType">
-		<complexContent>
-			<extension base="saml:SubjectStatementAbstractType">
-				<sequence>
-					<element ref="saml:Attribute" maxOccurs="unbounded"/>
-				</sequence>
-			</extension>
-		</complexContent>
-	</complexType>
-	<element name="AttributeDesignator" type="saml:AttributeDesignatorType"/>
-	<complexType name="AttributeDesignatorType">
-		<attribute name="AttributeName" type="string" use="required"/>
-		<attribute name="AttributeNamespace" type="anyURI" use="required"/>
-	</complexType>
-	<element name="Attribute" type="saml:AttributeType"/>
-	<complexType name="AttributeType">
-		<complexContent>
-			<extension base="saml:AttributeDesignatorType">
-				<sequence>
-					<element ref="saml:AttributeValue" maxOccurs="unbounded"/>
-				</sequence>
-			</extension>
-		</complexContent>
-	</complexType>
-	<element name="AttributeValue" type="anyType"/>
-</schema>
+<?xml version="1.0" encoding="UTF-8"?>
+<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:assertion" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="unqualified" attributeFormDefault="unqualified" version="1.1">
+	<import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+	<annotation>
+		<documentation>
+                Document identifier: sstc-saml-schema-assertion-1.1-draft-02
+                Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
+                Revision history:
+                draft-01 (Eve Maler):
+                  Note that V1.1 of this schema has the same namespace as V1.0.
+                  Minor cosmetic updates.
+                  Changed IDType to restrict from xsd:ID.
+                  Changed IDReferenceType to restrict from xsd:IDREF.
+                  Set version attribute on schema element to 1.1.
+                draft-02 (Prateek Mishra, Rob Philpott):
+                  Added DoNotCacheCondition element and DoNotCacheConditionType
+                draft-03 (Scott Cantor)
+				  Rebased ID content directly on XML Schema types
+                </documentation>
+	</annotation>
+	<simpleType name="DecisionType">
+		<restriction base="string">
+			<enumeration value="Permit"/>
+			<enumeration value="Deny"/>
+			<enumeration value="Indeterminate"/>
+		</restriction>
+	</simpleType>
+	<element name="AssertionIDReference" type="NCName"/>
+	<element name="Assertion" type="saml:AssertionType"/>
+	<complexType name="AssertionType">
+		<sequence>
+			<element ref="saml:Conditions" minOccurs="0"/>
+			<element ref="saml:Advice" minOccurs="0"/>
+			<choice maxOccurs="unbounded">
+				<element ref="saml:Statement"/>
+				<element ref="saml:SubjectStatement"/>
+				<element ref="saml:AuthenticationStatement"/>
+				<element ref="saml:AuthorizationDecisionStatement"/>
+				<element ref="saml:AttributeStatement"/>
+			</choice>
+			<element ref="ds:Signature" minOccurs="0"/>
+		</sequence>
+		<attribute name="MajorVersion" type="integer" use="required"/>
+		<attribute name="MinorVersion" type="integer" use="required"/>
+		<attribute name="AssertionID" type="ID" use="required"/>
+		<attribute name="Issuer" type="string" use="required"/>
+		<attribute name="IssueInstant" type="dateTime" use="required"/>
+	</complexType>
+	<element name="Conditions" type="saml:ConditionsType"/>
+	<complexType name="ConditionsType">
+		<choice minOccurs="0" maxOccurs="unbounded">
+			<element ref="saml:AudienceRestrictionCondition"/>
+			<element ref="saml:DoNotCacheCondition"/>
+			<element ref="saml:Condition"/>
+		</choice>
+		<attribute name="NotBefore" type="dateTime" use="optional"/>
+		<attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
+	</complexType>
+	<element name="Condition" type="saml:ConditionAbstractType"/>
+	<complexType name="ConditionAbstractType" abstract="true"/>
+	<element name="AudienceRestrictionCondition" type="saml:AudienceRestrictionConditionType"/>
+	<complexType name="AudienceRestrictionConditionType">
+		<complexContent>
+			<extension base="saml:ConditionAbstractType">
+				<sequence>
+					<element ref="saml:Audience" maxOccurs="unbounded"/>
+				</sequence>
+			</extension>
+		</complexContent>
+	</complexType>
+	<element name="Audience" type="anyURI"/>
+	<element name="DoNotCacheCondition" type="saml:DoNotCacheConditionType" />
+	<complexType name="DoNotCacheConditionType">
+		<complexContent>
+			<extension base="saml:ConditionAbstractType"/>
+		</complexContent>
+	</complexType>
+	<element name="Advice" type="saml:AdviceType"/>
+	<complexType name="AdviceType">
+		<choice minOccurs="0" maxOccurs="unbounded">
+			<element ref="saml:AssertionIDReference"/>
+			<element ref="saml:Assertion"/>
+			<any namespace="##other" processContents="lax"/>
+		</choice>
+	</complexType>
+	<element name="Statement" type="saml:StatementAbstractType"/>
+	<complexType name="StatementAbstractType" abstract="true"/>
+	<element name="SubjectStatement" type="saml:SubjectStatementAbstractType"/>
+	<complexType name="SubjectStatementAbstractType" abstract="true">
+		<complexContent>
+			<extension base="saml:StatementAbstractType">
+				<sequence>
+					<element ref="saml:Subject"/>
+				</sequence>
+			</extension>
+		</complexContent>
+	</complexType>
+	<element name="Subject" type="saml:SubjectType"/>
+	<complexType name="SubjectType">
+		<choice>
+			<sequence>
+				<element ref="saml:NameIdentifier"/>
+				<element ref="saml:SubjectConfirmation" minOccurs="0"/>
+			</sequence>
+			<element ref="saml:SubjectConfirmation"/>
+		</choice>
+	</complexType>
+	<element name="NameIdentifier" type="saml:NameIdentifierType"/>
+	<complexType name="NameIdentifierType">
+		<simpleContent>
+			<extension base="string">
+				<attribute name="NameQualifier" type="string" use="optional"/>
+				<attribute name="Format" type="anyURI" use="optional"/>
+			</extension>
+		</simpleContent>
+	</complexType>
+	<element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
+	<complexType name="SubjectConfirmationType">
+		<sequence>
+			<element ref="saml:ConfirmationMethod" maxOccurs="unbounded"/>
+			<element ref="saml:SubjectConfirmationData" minOccurs="0"/>
+			<element ref="ds:KeyInfo" minOccurs="0"/>
+		</sequence>
+	</complexType>
+	<element name="SubjectConfirmationData" type="anyType"/>
+	<element name="ConfirmationMethod" type="anyURI"/>
+	<element name="AuthenticationStatement" type="saml:AuthenticationStatementType"/>
+	<complexType name="AuthenticationStatementType">
+		<complexContent>
+			<extension base="saml:SubjectStatementAbstractType">
+				<sequence>
+					<element ref="saml:SubjectLocality" minOccurs="0"/>
+					<element ref="saml:AuthorityBinding" minOccurs="0" maxOccurs="unbounded"/>
+				</sequence>
+				<attribute name="AuthenticationMethod" type="anyURI" use="required"/>
+				<attribute name="AuthenticationInstant" type="dateTime" use="required"/>
+			</extension>
+		</complexContent>
+	</complexType>
+	<element name="SubjectLocality" type="saml:SubjectLocalityType"/>
+	<complexType name="SubjectLocalityType">
+		<attribute name="IPAddress" type="string" use="optional"/>
+		<attribute name="DNSAddress" type="string" use="optional"/>
+	</complexType>
+	<element name="AuthorityBinding" type="saml:AuthorityBindingType"/>
+	<complexType name="AuthorityBindingType">
+		<attribute name="AuthorityKind" type="QName" use="required"/>
+		<attribute name="Location" type="anyURI" use="required"/>
+		<attribute name="Binding" type="anyURI" use="required"/>
+	</complexType>
+	<element name="AuthorizationDecisionStatement" type="saml:AuthorizationDecisionStatementType"/>
+	<complexType name="AuthorizationDecisionStatementType">
+		<complexContent>
+			<extension base="saml:SubjectStatementAbstractType">
+				<sequence>
+					<element ref="saml:Action" maxOccurs="unbounded"/>
+					<element ref="saml:Evidence" minOccurs="0"/>
+				</sequence>
+				<attribute name="Resource" type="anyURI" use="required"/>
+				<attribute name="Decision" type="saml:DecisionType" use="required"/>
+			</extension>
+		</complexContent>
+	</complexType>
+	<element name="Action" type="saml:ActionType"/>
+	<complexType name="ActionType">
+		<simpleContent>
+			<extension base="string">
+				<attribute name="Namespace" type="anyURI"/>
+			</extension>
+		</simpleContent>
+	</complexType>
+	<element name="Evidence" type="saml:EvidenceType"/>
+	<complexType name="EvidenceType">
+		<choice maxOccurs="unbounded">
+			<element ref="saml:AssertionIDReference"/>
+			<element ref="saml:Assertion"/>
+		</choice>
+	</complexType>
+	<element name="AttributeStatement" type="saml:AttributeStatementType"/>
+	<complexType name="AttributeStatementType">
+		<complexContent>
+			<extension base="saml:SubjectStatementAbstractType">
+				<sequence>
+					<element ref="saml:Attribute" maxOccurs="unbounded"/>
+				</sequence>
+			</extension>
+		</complexContent>
+	</complexType>
+	<element name="AttributeDesignator" type="saml:AttributeDesignatorType"/>
+	<complexType name="AttributeDesignatorType">
+		<attribute name="AttributeName" type="string" use="required"/>
+		<attribute name="AttributeNamespace" type="anyURI" use="required"/>
+	</complexType>
+	<element name="Attribute" type="saml:AttributeType"/>
+	<complexType name="AttributeType">
+		<complexContent>
+			<extension base="saml:AttributeDesignatorType">
+				<sequence>
+					<element ref="saml:AttributeValue" maxOccurs="unbounded"/>
+				</sequence>
+			</extension>
+		</complexContent>
+	</complexType>
+	<element name="AttributeValue" type="anyType"/>
+</schema>
diff --git a/schemas/cs-sstc-schema-protocol-01.xsd b/schemas/cs-sstc-schema-protocol-01.xsd
index ecad05b..d939fa7 100644
--- a/schemas/cs-sstc-schema-protocol-01.xsd
+++ b/schemas/cs-sstc-schema-protocol-01.xsd
@@ -1,127 +1,127 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- edited with XML Spy v4.2 U (http://www.xmlspy.com) by Phillip Hallam-Baker (Phillip Hallam-Baker) -->
-<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified">
-        <import namespace="urn:oasis:names:tc:SAML:1.0:assertion" schemaLocation="cs-sstc-schema-assertion-01.xsd"/>
-        <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
-        <annotation>
-                <documentation>
-                Document identifier: cs-sstc-schema-protocol-01
-                Location: http://www.oasis-open.org/committees/security/docs/
-                </documentation>
-        </annotation>
-        <complexType name="RequestAbstractType" abstract="true">
-                <sequence>
-                        <element ref="samlp:RespondWith" minOccurs="0" maxOccurs="unbounded"/>
-                        <element ref="ds:Signature" minOccurs="0"/>
-                </sequence>
-                <attribute name="RequestID" type="saml:IDType" use="required"/>
-                <attribute name="MajorVersion" type="integer" use="required"/>
-                <attribute name="MinorVersion" type="integer" use="required"/>
-                <attribute name="IssueInstant" type="dateTime" use="required"/>
-        </complexType>
-        <element name="RespondWith" type="QName"/>
-        <element name="Request" type="samlp:RequestType"/>
-        <complexType name="RequestType">
-                <complexContent>
-                        <extension base="samlp:RequestAbstractType">
-                                <choice>
-                                        <element ref="samlp:Query"/>
-                                        <element ref="samlp:SubjectQuery"/>
-                                        <element ref="samlp:AuthenticationQuery"/>
-                                        <element ref="samlp:AttributeQuery"/>
-                                        <element ref="samlp:AuthorizationDecisionQuery"/>
-                                        <element ref="saml:AssertionIDReference" maxOccurs="unbounded"/>
-                                        <element ref="samlp:AssertionArtifact" maxOccurs="unbounded"/>
-                                </choice>
-                        </extension>
-                </complexContent>
-        </complexType>
-        <element name="AssertionArtifact" type="string"/>
-        <element name="Query" type="samlp:QueryAbstractType"/>
-        <complexType name="QueryAbstractType" abstract="true"/>
-        <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/>
-        <complexType name="SubjectQueryAbstractType" abstract="true">
-                <complexContent>
-                        <extension base="samlp:QueryAbstractType">
-                                <sequence>
-                                        <element ref="saml:Subject"/>
-                                </sequence>
-                        </extension>
-                </complexContent>
-        </complexType>
-        <element name="AuthenticationQuery" type="samlp:AuthenticationQueryType"/>
-        <complexType name="AuthenticationQueryType">
-                <complexContent>
-                        <extension base="samlp:SubjectQueryAbstractType">
-                                <attribute name="AuthenticationMethod" type="anyURI"/>
-                        </extension>
-                </complexContent>
-        </complexType>
-        <element name="AttributeQuery" type="samlp:AttributeQueryType"/>
-        <complexType name="AttributeQueryType">
-                <complexContent>
-                        <extension base="samlp:SubjectQueryAbstractType">
-                                <sequence>
-                                        <element ref="saml:AttributeDesignator" minOccurs="0" maxOccurs="unbounded"/>
-                                </sequence>
-                                <attribute name="Resource" type="anyURI" use="optional"/>
-                        </extension>
-                </complexContent>
-        </complexType>
-        <element name="AuthorizationDecisionQuery" type="samlp:AuthorizationDecisionQueryType"/>
-        <complexType name="AuthorizationDecisionQueryType">
-                <complexContent>
-                        <extension base="samlp:SubjectQueryAbstractType">
-                                <sequence>
-                                        <element ref="saml:Action" maxOccurs="unbounded"/>
-                                        <element ref="saml:Evidence" minOccurs="0" maxOccurs="1"/>
-                                </sequence>
-                                <attribute name="Resource" type="anyURI" use="required"/>
-                        </extension>
-                </complexContent>
-        </complexType>
-        <complexType name="ResponseAbstractType" abstract="true">
-                <sequence>
-                        <element ref="ds:Signature" minOccurs="0"/>
-                </sequence>
-                <attribute name="ResponseID" type="saml:IDType" use="required"/>
-                <attribute name="InResponseTo" type="saml:IDReferenceType" use="optional"/>
-                <attribute name="MajorVersion" type="integer" use="required"/>
-                <attribute name="MinorVersion" type="integer" use="required"/>
-                <attribute name="IssueInstant" type="dateTime" use="required"/>
-                <attribute name="Recipient" type="anyURI" use="optional"/>
-        </complexType>
-        <element name="Response" type="samlp:ResponseType"/>
-        <complexType name="ResponseType">
-                <complexContent>
-                        <extension base="samlp:ResponseAbstractType">
-                                <sequence>
-                                        <element ref="samlp:Status"/>
-                                        <element ref="saml:Assertion" minOccurs="0" maxOccurs="unbounded"/>
-                                </sequence>
-                        </extension>
-                </complexContent>
-        </complexType>
-        <element name="Status" type="samlp:StatusType"/>
-        <complexType name="StatusType">
-                <sequence>
-                        <element ref="samlp:StatusCode"/>
-                        <element ref="samlp:StatusMessage" minOccurs="0" maxOccurs="1"/>
-                        <element ref="samlp:StatusDetail" minOccurs="0"/>
-                </sequence>
-        </complexType>
-        <element name="StatusCode" type="samlp:StatusCodeType"/>
-        <complexType name="StatusCodeType">
-                <sequence>
-                        <element ref="samlp:StatusCode" minOccurs="0"/>
-                </sequence>
-                <attribute name="Value" type="QName" use="required"/>
-        </complexType>
-        <element name="StatusMessage" type="string"/>
-        <element name="StatusDetail" type="samlp:StatusDetailType"/>
-        <complexType name="StatusDetailType">
-                <sequence>
-                        <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
-                </sequence>
-        </complexType>
-</schema>
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XML Spy v4.2 U (http://www.xmlspy.com) by Phillip Hallam-Baker (Phillip Hallam-Baker) -->
+<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified">
+        <import namespace="urn:oasis:names:tc:SAML:1.0:assertion" schemaLocation="cs-sstc-schema-assertion-01.xsd"/>
+        <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+        <annotation>
+                <documentation>
+                Document identifier: cs-sstc-schema-protocol-01
+                Location: http://www.oasis-open.org/committees/security/docs/
+                </documentation>
+        </annotation>
+        <complexType name="RequestAbstractType" abstract="true">
+                <sequence>
+                        <element ref="samlp:RespondWith" minOccurs="0" maxOccurs="unbounded"/>
+                        <element ref="ds:Signature" minOccurs="0"/>
+                </sequence>
+                <attribute name="RequestID" type="saml:IDType" use="required"/>
+                <attribute name="MajorVersion" type="integer" use="required"/>
+                <attribute name="MinorVersion" type="integer" use="required"/>
+                <attribute name="IssueInstant" type="dateTime" use="required"/>
+        </complexType>
+        <element name="RespondWith" type="QName"/>
+        <element name="Request" type="samlp:RequestType"/>
+        <complexType name="RequestType">
+                <complexContent>
+                        <extension base="samlp:RequestAbstractType">
+                                <choice>
+                                        <element ref="samlp:Query"/>
+                                        <element ref="samlp:SubjectQuery"/>
+                                        <element ref="samlp:AuthenticationQuery"/>
+                                        <element ref="samlp:AttributeQuery"/>
+                                        <element ref="samlp:AuthorizationDecisionQuery"/>
+                                        <element ref="saml:AssertionIDReference" maxOccurs="unbounded"/>
+                                        <element ref="samlp:AssertionArtifact" maxOccurs="unbounded"/>
+                                </choice>
+                        </extension>
+                </complexContent>
+        </complexType>
+        <element name="AssertionArtifact" type="string"/>
+        <element name="Query" type="samlp:QueryAbstractType"/>
+        <complexType name="QueryAbstractType" abstract="true"/>
+        <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/>
+        <complexType name="SubjectQueryAbstractType" abstract="true">
+                <complexContent>
+                        <extension base="samlp:QueryAbstractType">
+                                <sequence>
+                                        <element ref="saml:Subject"/>
+                                </sequence>
+                        </extension>
+                </complexContent>
+        </complexType>
+        <element name="AuthenticationQuery" type="samlp:AuthenticationQueryType"/>
+        <complexType name="AuthenticationQueryType">
+                <complexContent>
+                        <extension base="samlp:SubjectQueryAbstractType">
+                                <attribute name="AuthenticationMethod" type="anyURI"/>
+                        </extension>
+                </complexContent>
+        </complexType>
+        <element name="AttributeQuery" type="samlp:AttributeQueryType"/>
+        <complexType name="AttributeQueryType">
+                <complexContent>
+                        <extension base="samlp:SubjectQueryAbstractType">
+                                <sequence>
+                                        <element ref="saml:AttributeDesignator" minOccurs="0" maxOccurs="unbounded"/>
+                                </sequence>
+                                <attribute name="Resource" type="anyURI" use="optional"/>
+                        </extension>
+                </complexContent>
+        </complexType>
+        <element name="AuthorizationDecisionQuery" type="samlp:AuthorizationDecisionQueryType"/>
+        <complexType name="AuthorizationDecisionQueryType">
+                <complexContent>
+                        <extension base="samlp:SubjectQueryAbstractType">
+                                <sequence>
+                                        <element ref="saml:Action" maxOccurs="unbounded"/>
+                                        <element ref="saml:Evidence" minOccurs="0" maxOccurs="1"/>
+                                </sequence>
+                                <attribute name="Resource" type="anyURI" use="required"/>
+                        </extension>
+                </complexContent>
+        </complexType>
+        <complexType name="ResponseAbstractType" abstract="true">
+                <sequence>
+                        <element ref="ds:Signature" minOccurs="0"/>
+                </sequence>
+                <attribute name="ResponseID" type="saml:IDType" use="required"/>
+                <attribute name="InResponseTo" type="saml:IDReferenceType" use="optional"/>
+                <attribute name="MajorVersion" type="integer" use="required"/>
+                <attribute name="MinorVersion" type="integer" use="required"/>
+                <attribute name="IssueInstant" type="dateTime" use="required"/>
+                <attribute name="Recipient" type="anyURI" use="optional"/>
+        </complexType>
+        <element name="Response" type="samlp:ResponseType"/>
+        <complexType name="ResponseType">
+                <complexContent>
+                        <extension base="samlp:ResponseAbstractType">
+                                <sequence>
+                                        <element ref="samlp:Status"/>
+                                        <element ref="saml:Assertion" minOccurs="0" maxOccurs="unbounded"/>
+                                </sequence>
+                        </extension>
+                </complexContent>
+        </complexType>
+        <element name="Status" type="samlp:StatusType"/>
+        <complexType name="StatusType">
+                <sequence>
+                        <element ref="samlp:StatusCode"/>
+                        <element ref="samlp:StatusMessage" minOccurs="0" maxOccurs="1"/>
+                        <element ref="samlp:StatusDetail" minOccurs="0"/>
+                </sequence>
+        </complexType>
+        <element name="StatusCode" type="samlp:StatusCodeType"/>
+        <complexType name="StatusCodeType">
+                <sequence>
+                        <element ref="samlp:StatusCode" minOccurs="0"/>
+                </sequence>
+                <attribute name="Value" type="QName" use="required"/>
+        </complexType>
+        <element name="StatusMessage" type="string"/>
+        <element name="StatusDetail" type="samlp:StatusDetailType"/>
+        <complexType name="StatusDetailType">
+                <sequence>
+                        <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+                </sequence>
+        </complexType>
+</schema>
diff --git a/schemas/saml-schema-assertion-2.0.xsd b/schemas/saml-schema-assertion-2.0.xsd
index 6aa3b27..9bbfa26 100644
--- a/schemas/saml-schema-assertion-2.0.xsd
+++ b/schemas/saml-schema-assertion-2.0.xsd
@@ -1,283 +1,283 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<schema
-    targetNamespace="urn:oasis:names:tc:SAML:2.0:assertion"
-    xmlns="http://www.w3.org/2001/XMLSchema"
-    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
-    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
-    xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
-    elementFormDefault="unqualified"
-    attributeFormDefault="unqualified"
-    blockDefault="substitution"
-    version="2.0">
-    <import namespace="http://www.w3.org/2000/09/xmldsig#"
-        schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
-    <import namespace="http://www.w3.org/2001/04/xmlenc#"
-        schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>
-    <annotation>
-        <documentation>
-            Document identifier: saml-schema-assertion-2.0
-            Location: http://docs.oasis-open.org/security/saml/v2.0/
-            Revision history:
-            V1.0 (November, 2002):
-              Initial Standard Schema.
-            V1.1 (September, 2003):
-              Updates within the same V1.0 namespace.
-            V2.0 (March, 2005):
-              New assertion schema for SAML V2.0 namespace.
-        </documentation>
-    </annotation>
-    <attributeGroup name="IDNameQualifiers">
-        <attribute name="NameQualifier" type="string" use="optional"/>
-        <attribute name="SPNameQualifier" type="string" use="optional"/>
-    </attributeGroup>
-    <element name="BaseID" type="saml:BaseIDAbstractType"/>
-    <complexType name="BaseIDAbstractType" abstract="true">
-        <attributeGroup ref="saml:IDNameQualifiers"/>
-    </complexType>
-    <element name="NameID" type="saml:NameIDType"/>
-    <complexType name="NameIDType">
-        <simpleContent>
-            <extension base="string">
-                <attributeGroup ref="saml:IDNameQualifiers"/>
-                <attribute name="Format" type="anyURI" use="optional"/>
-                <attribute name="SPProvidedID" type="string" use="optional"/>
-            </extension>
-        </simpleContent>
-    </complexType>
-    <complexType name="EncryptedElementType">
-        <sequence>
-            <element ref="xenc:EncryptedData"/>
-            <element ref="xenc:EncryptedKey" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-    </complexType>
-    <element name="EncryptedID" type="saml:EncryptedElementType"/>
-    <element name="Issuer" type="saml:NameIDType"/>
-    <element name="AssertionIDRef" type="NCName"/>
-    <element name="AssertionURIRef" type="anyURI"/>
-    <element name="Assertion" type="saml:AssertionType"/>
-    <complexType name="AssertionType">
-        <sequence>
-            <element ref="saml:Issuer"/>
-            <element ref="ds:Signature" minOccurs="0"/>
-            <element ref="saml:Subject" minOccurs="0"/>
-            <element ref="saml:Conditions" minOccurs="0"/>
-            <element ref="saml:Advice" minOccurs="0"/>
-            <choice minOccurs="0" maxOccurs="unbounded">
-                <element ref="saml:Statement"/>
-                <element ref="saml:AuthnStatement"/>
-                <element ref="saml:AuthzDecisionStatement"/>
-                <element ref="saml:AttributeStatement"/>
-            </choice>
-        </sequence>
-        <attribute name="Version" type="string" use="required"/>
-        <attribute name="ID" type="ID" use="required"/>
-        <attribute name="IssueInstant" type="dateTime" use="required"/>
-    </complexType>
-    <element name="Subject" type="saml:SubjectType"/>
-    <complexType name="SubjectType">
-        <choice>
-            <sequence>
-                <choice>
-                    <element ref="saml:BaseID"/>
-                    <element ref="saml:NameID"/>
-                    <element ref="saml:EncryptedID"/>
-                </choice>
-                <element ref="saml:SubjectConfirmation" minOccurs="0" maxOccurs="unbounded"/>
-            </sequence>
-            <element ref="saml:SubjectConfirmation" maxOccurs="unbounded"/>
-        </choice>
-    </complexType>
-    <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
-    <complexType name="SubjectConfirmationType">
-        <sequence>
-            <choice minOccurs="0">
-                <element ref="saml:BaseID"/>
-                <element ref="saml:NameID"/>
-                <element ref="saml:EncryptedID"/>
-            </choice>
-            <element ref="saml:SubjectConfirmationData" minOccurs="0"/>
-        </sequence>
-        <attribute name="Method" type="anyURI" use="required"/>
-    </complexType>
-    <element name="SubjectConfirmationData" type="saml:SubjectConfirmationDataType"/>
-    <complexType name="SubjectConfirmationDataType" mixed="true">
-        <complexContent>
-            <restriction base="anyType">
-                <sequence>
-                    <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
-                </sequence>
-                <attribute name="NotBefore" type="dateTime" use="optional"/>
-                <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
-                <attribute name="Recipient" type="anyURI" use="optional"/>
-                <attribute name="InResponseTo" type="NCName" use="optional"/>
-                <attribute name="Address" type="string" use="optional"/>
-                <anyAttribute namespace="##other" processContents="lax"/>
-            </restriction>
-        </complexContent>
-    </complexType>
-    <complexType name="KeyInfoConfirmationDataType" mixed="false">
-        <complexContent>
-            <restriction base="saml:SubjectConfirmationDataType">
-                <sequence>
-                    <element ref="ds:KeyInfo" maxOccurs="unbounded"/>
-                </sequence>
-            </restriction>
-        </complexContent>
-    </complexType>
-    <element name="Conditions" type="saml:ConditionsType"/>
-    <complexType name="ConditionsType">
-        <choice minOccurs="0" maxOccurs="unbounded">
-            <element ref="saml:Condition"/>
-            <element ref="saml:AudienceRestriction"/>
-            <element ref="saml:OneTimeUse"/>
-            <element ref="saml:ProxyRestriction"/>
-        </choice>
-        <attribute name="NotBefore" type="dateTime" use="optional"/>
-        <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
-    </complexType>
-    <element name="Condition" type="saml:ConditionAbstractType"/>
-    <complexType name="ConditionAbstractType" abstract="true"/>
-    <element name="AudienceRestriction" type="saml:AudienceRestrictionType"/>
-    <complexType name="AudienceRestrictionType">
-        <complexContent>
-            <extension base="saml:ConditionAbstractType">
-                <sequence>
-                    <element ref="saml:Audience" maxOccurs="unbounded"/>
-                </sequence>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="Audience" type="anyURI"/>
-    <element name="OneTimeUse" type="saml:OneTimeUseType" />
-    <complexType name="OneTimeUseType">
-        <complexContent>
-            <extension base="saml:ConditionAbstractType"/>
-        </complexContent>
-    </complexType>
-    <element name="ProxyRestriction" type="saml:ProxyRestrictionType"/>
-    <complexType name="ProxyRestrictionType">
-    <complexContent>
-        <extension base="saml:ConditionAbstractType">
-            <sequence>
-                <element ref="saml:Audience" minOccurs="0" maxOccurs="unbounded"/>
-            </sequence>
-            <attribute name="Count" type="nonNegativeInteger" use="optional"/>
-        </extension>
-	</complexContent>
-    </complexType>
-    <element name="Advice" type="saml:AdviceType"/>
-    <complexType name="AdviceType">
-        <choice minOccurs="0" maxOccurs="unbounded">
-            <element ref="saml:AssertionIDRef"/>
-            <element ref="saml:AssertionURIRef"/>
-            <element ref="saml:Assertion"/>
-            <element ref="saml:EncryptedAssertion"/>
-            <any namespace="##other" processContents="lax"/>
-        </choice>
-    </complexType>
-    <element name="EncryptedAssertion" type="saml:EncryptedElementType"/>
-    <element name="Statement" type="saml:StatementAbstractType"/>
-    <complexType name="StatementAbstractType" abstract="true"/>
-    <element name="AuthnStatement" type="saml:AuthnStatementType"/>
-    <complexType name="AuthnStatementType">
-        <complexContent>
-            <extension base="saml:StatementAbstractType">
-                <sequence>
-                    <element ref="saml:SubjectLocality" minOccurs="0"/>
-                    <element ref="saml:AuthnContext"/>
-                </sequence>
-                <attribute name="AuthnInstant" type="dateTime" use="required"/>
-                <attribute name="SessionIndex" type="string" use="optional"/>
-                <attribute name="SessionNotOnOrAfter" type="dateTime" use="optional"/>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="SubjectLocality" type="saml:SubjectLocalityType"/>
-    <complexType name="SubjectLocalityType">
-        <attribute name="Address" type="string" use="optional"/>
-        <attribute name="DNSName" type="string" use="optional"/>
-    </complexType>
-    <element name="AuthnContext" type="saml:AuthnContextType"/>
-    <complexType name="AuthnContextType">
-        <sequence>
-            <choice>
-                <sequence>
-                    <element ref="saml:AuthnContextClassRef"/>
-                    <choice minOccurs="0">
-                        <element ref="saml:AuthnContextDecl"/>
-                        <element ref="saml:AuthnContextDeclRef"/>
-                    </choice>
-                </sequence>
-                <choice>
-                    <element ref="saml:AuthnContextDecl"/>
-                    <element ref="saml:AuthnContextDeclRef"/>
-                </choice>
-            </choice>
-            <element ref="saml:AuthenticatingAuthority" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-    </complexType>
-    <element name="AuthnContextClassRef" type="anyURI"/>
-    <element name="AuthnContextDeclRef" type="anyURI"/>
-    <element name="AuthnContextDecl" type="anyType"/>
-    <element name="AuthenticatingAuthority" type="anyURI"/>
-    <element name="AuthzDecisionStatement" type="saml:AuthzDecisionStatementType"/>
-    <complexType name="AuthzDecisionStatementType">
-        <complexContent>
-            <extension base="saml:StatementAbstractType">
-                <sequence>
-                    <element ref="saml:Action" maxOccurs="unbounded"/>
-                    <element ref="saml:Evidence" minOccurs="0"/>
-                </sequence>
-                <attribute name="Resource" type="anyURI" use="required"/>
-                <attribute name="Decision" type="saml:DecisionType" use="required"/>
-            </extension>
-        </complexContent>
-    </complexType>
-    <simpleType name="DecisionType">
-        <restriction base="string">
-            <enumeration value="Permit"/>
-            <enumeration value="Deny"/>
-            <enumeration value="Indeterminate"/>
-        </restriction>
-    </simpleType>
-    <element name="Action" type="saml:ActionType"/>
-    <complexType name="ActionType">
-        <simpleContent>
-            <extension base="string">
-                <attribute name="Namespace" type="anyURI" use="required"/>
-            </extension>
-        </simpleContent>
-    </complexType>
-    <element name="Evidence" type="saml:EvidenceType"/>
-    <complexType name="EvidenceType">
-        <choice maxOccurs="unbounded">
-            <element ref="saml:AssertionIDRef"/>
-            <element ref="saml:AssertionURIRef"/>
-            <element ref="saml:Assertion"/>
-            <element ref="saml:EncryptedAssertion"/>
-        </choice>
-    </complexType>
-    <element name="AttributeStatement" type="saml:AttributeStatementType"/>
-    <complexType name="AttributeStatementType">
-        <complexContent>
-            <extension base="saml:StatementAbstractType">
-                <choice maxOccurs="unbounded">
-                    <element ref="saml:Attribute"/>
-                    <element ref="saml:EncryptedAttribute"/>
-                </choice>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="Attribute" type="saml:AttributeType"/>
-    <complexType name="AttributeType">
-        <sequence>
-            <element ref="saml:AttributeValue" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-        <attribute name="Name" type="string" use="required"/>
-        <attribute name="NameFormat" type="anyURI" use="optional"/>
-        <attribute name="FriendlyName" type="string" use="optional"/>
-        <anyAttribute namespace="##other" processContents="lax"/>
-    </complexType>
-    <element name="AttributeValue" type="anyType" nillable="true"/>
-    <element name="EncryptedAttribute" type="saml:EncryptedElementType"/>
-</schema>
+<?xml version="1.0" encoding="US-ASCII"?>
+<schema
+    targetNamespace="urn:oasis:names:tc:SAML:2.0:assertion"
+    xmlns="http://www.w3.org/2001/XMLSchema"
+    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+    xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+    elementFormDefault="unqualified"
+    attributeFormDefault="unqualified"
+    blockDefault="substitution"
+    version="2.0">
+    <import namespace="http://www.w3.org/2000/09/xmldsig#"
+        schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
+    <import namespace="http://www.w3.org/2001/04/xmlenc#"
+        schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>
+    <annotation>
+        <documentation>
+            Document identifier: saml-schema-assertion-2.0
+            Location: http://docs.oasis-open.org/security/saml/v2.0/
+            Revision history:
+            V1.0 (November, 2002):
+              Initial Standard Schema.
+            V1.1 (September, 2003):
+              Updates within the same V1.0 namespace.
+            V2.0 (March, 2005):
+              New assertion schema for SAML V2.0 namespace.
+        </documentation>
+    </annotation>
+    <attributeGroup name="IDNameQualifiers">
+        <attribute name="NameQualifier" type="string" use="optional"/>
+        <attribute name="SPNameQualifier" type="string" use="optional"/>
+    </attributeGroup>
+    <element name="BaseID" type="saml:BaseIDAbstractType"/>
+    <complexType name="BaseIDAbstractType" abstract="true">
+        <attributeGroup ref="saml:IDNameQualifiers"/>
+    </complexType>
+    <element name="NameID" type="saml:NameIDType"/>
+    <complexType name="NameIDType">
+        <simpleContent>
+            <extension base="string">
+                <attributeGroup ref="saml:IDNameQualifiers"/>
+                <attribute name="Format" type="anyURI" use="optional"/>
+                <attribute name="SPProvidedID" type="string" use="optional"/>
+            </extension>
+        </simpleContent>
+    </complexType>
+    <complexType name="EncryptedElementType">
+        <sequence>
+            <element ref="xenc:EncryptedData"/>
+            <element ref="xenc:EncryptedKey" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
+    </complexType>
+    <element name="EncryptedID" type="saml:EncryptedElementType"/>
+    <element name="Issuer" type="saml:NameIDType"/>
+    <element name="AssertionIDRef" type="NCName"/>
+    <element name="AssertionURIRef" type="anyURI"/>
+    <element name="Assertion" type="saml:AssertionType"/>
+    <complexType name="AssertionType">
+        <sequence>
+            <element ref="saml:Issuer"/>
+            <element ref="ds:Signature" minOccurs="0"/>
+            <element ref="saml:Subject" minOccurs="0"/>
+            <element ref="saml:Conditions" minOccurs="0"/>
+            <element ref="saml:Advice" minOccurs="0"/>
+            <choice minOccurs="0" maxOccurs="unbounded">
+                <element ref="saml:Statement"/>
+                <element ref="saml:AuthnStatement"/>
+                <element ref="saml:AuthzDecisionStatement"/>
+                <element ref="saml:AttributeStatement"/>
+            </choice>
+        </sequence>
+        <attribute name="Version" type="string" use="required"/>
+        <attribute name="ID" type="ID" use="required"/>
+        <attribute name="IssueInstant" type="dateTime" use="required"/>
+    </complexType>
+    <element name="Subject" type="saml:SubjectType"/>
+    <complexType name="SubjectType">
+        <choice>
+            <sequence>
+                <choice>
+                    <element ref="saml:BaseID"/>
+                    <element ref="saml:NameID"/>
+                    <element ref="saml:EncryptedID"/>
+                </choice>
+                <element ref="saml:SubjectConfirmation" minOccurs="0" maxOccurs="unbounded"/>
+            </sequence>
+            <element ref="saml:SubjectConfirmation" maxOccurs="unbounded"/>
+        </choice>
+    </complexType>
+    <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
+    <complexType name="SubjectConfirmationType">
+        <sequence>
+            <choice minOccurs="0">
+                <element ref="saml:BaseID"/>
+                <element ref="saml:NameID"/>
+                <element ref="saml:EncryptedID"/>
+            </choice>
+            <element ref="saml:SubjectConfirmationData" minOccurs="0"/>
+        </sequence>
+        <attribute name="Method" type="anyURI" use="required"/>
+    </complexType>
+    <element name="SubjectConfirmationData" type="saml:SubjectConfirmationDataType"/>
+    <complexType name="SubjectConfirmationDataType" mixed="true">
+        <complexContent>
+            <restriction base="anyType">
+                <sequence>
+                    <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+                </sequence>
+                <attribute name="NotBefore" type="dateTime" use="optional"/>
+                <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
+                <attribute name="Recipient" type="anyURI" use="optional"/>
+                <attribute name="InResponseTo" type="NCName" use="optional"/>
+                <attribute name="Address" type="string" use="optional"/>
+                <anyAttribute namespace="##other" processContents="lax"/>
+            </restriction>
+        </complexContent>
+    </complexType>
+    <complexType name="KeyInfoConfirmationDataType" mixed="false">
+        <complexContent>
+            <restriction base="saml:SubjectConfirmationDataType">
+                <sequence>
+                    <element ref="ds:KeyInfo" maxOccurs="unbounded"/>
+                </sequence>
+            </restriction>
+        </complexContent>
+    </complexType>
+    <element name="Conditions" type="saml:ConditionsType"/>
+    <complexType name="ConditionsType">
+        <choice minOccurs="0" maxOccurs="unbounded">
+            <element ref="saml:Condition"/>
+            <element ref="saml:AudienceRestriction"/>
+            <element ref="saml:OneTimeUse"/>
+            <element ref="saml:ProxyRestriction"/>
+        </choice>
+        <attribute name="NotBefore" type="dateTime" use="optional"/>
+        <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
+    </complexType>
+    <element name="Condition" type="saml:ConditionAbstractType"/>
+    <complexType name="ConditionAbstractType" abstract="true"/>
+    <element name="AudienceRestriction" type="saml:AudienceRestrictionType"/>
+    <complexType name="AudienceRestrictionType">
+        <complexContent>
+            <extension base="saml:ConditionAbstractType">
+                <sequence>
+                    <element ref="saml:Audience" maxOccurs="unbounded"/>
+                </sequence>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="Audience" type="anyURI"/>
+    <element name="OneTimeUse" type="saml:OneTimeUseType" />
+    <complexType name="OneTimeUseType">
+        <complexContent>
+            <extension base="saml:ConditionAbstractType"/>
+        </complexContent>
+    </complexType>
+    <element name="ProxyRestriction" type="saml:ProxyRestrictionType"/>
+    <complexType name="ProxyRestrictionType">
+    <complexContent>
+        <extension base="saml:ConditionAbstractType">
+            <sequence>
+                <element ref="saml:Audience" minOccurs="0" maxOccurs="unbounded"/>
+            </sequence>
+            <attribute name="Count" type="nonNegativeInteger" use="optional"/>
+        </extension>
+	</complexContent>
+    </complexType>
+    <element name="Advice" type="saml:AdviceType"/>
+    <complexType name="AdviceType">
+        <choice minOccurs="0" maxOccurs="unbounded">
+            <element ref="saml:AssertionIDRef"/>
+            <element ref="saml:AssertionURIRef"/>
+            <element ref="saml:Assertion"/>
+            <element ref="saml:EncryptedAssertion"/>
+            <any namespace="##other" processContents="lax"/>
+        </choice>
+    </complexType>
+    <element name="EncryptedAssertion" type="saml:EncryptedElementType"/>
+    <element name="Statement" type="saml:StatementAbstractType"/>
+    <complexType name="StatementAbstractType" abstract="true"/>
+    <element name="AuthnStatement" type="saml:AuthnStatementType"/>
+    <complexType name="AuthnStatementType">
+        <complexContent>
+            <extension base="saml:StatementAbstractType">
+                <sequence>
+                    <element ref="saml:SubjectLocality" minOccurs="0"/>
+                    <element ref="saml:AuthnContext"/>
+                </sequence>
+                <attribute name="AuthnInstant" type="dateTime" use="required"/>
+                <attribute name="SessionIndex" type="string" use="optional"/>
+                <attribute name="SessionNotOnOrAfter" type="dateTime" use="optional"/>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="SubjectLocality" type="saml:SubjectLocalityType"/>
+    <complexType name="SubjectLocalityType">
+        <attribute name="Address" type="string" use="optional"/>
+        <attribute name="DNSName" type="string" use="optional"/>
+    </complexType>
+    <element name="AuthnContext" type="saml:AuthnContextType"/>
+    <complexType name="AuthnContextType">
+        <sequence>
+            <choice>
+                <sequence>
+                    <element ref="saml:AuthnContextClassRef"/>
+                    <choice minOccurs="0">
+                        <element ref="saml:AuthnContextDecl"/>
+                        <element ref="saml:AuthnContextDeclRef"/>
+                    </choice>
+                </sequence>
+                <choice>
+                    <element ref="saml:AuthnContextDecl"/>
+                    <element ref="saml:AuthnContextDeclRef"/>
+                </choice>
+            </choice>
+            <element ref="saml:AuthenticatingAuthority" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
+    </complexType>
+    <element name="AuthnContextClassRef" type="anyURI"/>
+    <element name="AuthnContextDeclRef" type="anyURI"/>
+    <element name="AuthnContextDecl" type="anyType"/>
+    <element name="AuthenticatingAuthority" type="anyURI"/>
+    <element name="AuthzDecisionStatement" type="saml:AuthzDecisionStatementType"/>
+    <complexType name="AuthzDecisionStatementType">
+        <complexContent>
+            <extension base="saml:StatementAbstractType">
+                <sequence>
+                    <element ref="saml:Action" maxOccurs="unbounded"/>
+                    <element ref="saml:Evidence" minOccurs="0"/>
+                </sequence>
+                <attribute name="Resource" type="anyURI" use="required"/>
+                <attribute name="Decision" type="saml:DecisionType" use="required"/>
+            </extension>
+        </complexContent>
+    </complexType>
+    <simpleType name="DecisionType">
+        <restriction base="string">
+            <enumeration value="Permit"/>
+            <enumeration value="Deny"/>
+            <enumeration value="Indeterminate"/>
+        </restriction>
+    </simpleType>
+    <element name="Action" type="saml:ActionType"/>
+    <complexType name="ActionType">
+        <simpleContent>
+            <extension base="string">
+                <attribute name="Namespace" type="anyURI" use="required"/>
+            </extension>
+        </simpleContent>
+    </complexType>
+    <element name="Evidence" type="saml:EvidenceType"/>
+    <complexType name="EvidenceType">
+        <choice maxOccurs="unbounded">
+            <element ref="saml:AssertionIDRef"/>
+            <element ref="saml:AssertionURIRef"/>
+            <element ref="saml:Assertion"/>
+            <element ref="saml:EncryptedAssertion"/>
+        </choice>
+    </complexType>
+    <element name="AttributeStatement" type="saml:AttributeStatementType"/>
+    <complexType name="AttributeStatementType">
+        <complexContent>
+            <extension base="saml:StatementAbstractType">
+                <choice maxOccurs="unbounded">
+                    <element ref="saml:Attribute"/>
+                    <element ref="saml:EncryptedAttribute"/>
+                </choice>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="Attribute" type="saml:AttributeType"/>
+    <complexType name="AttributeType">
+        <sequence>
+            <element ref="saml:AttributeValue" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
+        <attribute name="Name" type="string" use="required"/>
+        <attribute name="NameFormat" type="anyURI" use="optional"/>
+        <attribute name="FriendlyName" type="string" use="optional"/>
+        <anyAttribute namespace="##other" processContents="lax"/>
+    </complexType>
+    <element name="AttributeValue" type="anyType" nillable="true"/>
+    <element name="EncryptedAttribute" type="saml:EncryptedElementType"/>
+</schema>
diff --git a/schemas/saml-schema-authn-context-2.0.xsd b/schemas/saml-schema-authn-context-2.0.xsd
index 5723bb9..e4754fa 100644
--- a/schemas/saml-schema-authn-context-2.0.xsd
+++ b/schemas/saml-schema-authn-context-2.0.xsd
@@ -1,23 +1,23 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xs:schema 
-  targetNamespace="urn:oasis:names:tc:SAML:2.0:ac"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema"
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:annotation>
-    <xs:documentation>
-      Document identifier: saml-schema-authn-context-2.0
-      Location: http://docs.oasis-open.org/security/saml/v2.0/
-      Revision history:
-        V2.0 (March, 2005):
-          New core authentication context schema for SAML V2.0. 
-          This is just an include of all types from the schema
-          referred to in the include statement below.
-    </xs:documentation>
-  </xs:annotation>
-
-  <xs:include schemaLocation="saml-schema-authn-context-types-2.0.xsd"/>
-
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema 
+  targetNamespace="urn:oasis:names:tc:SAML:2.0:ac"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema"
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:annotation>
+    <xs:documentation>
+      Document identifier: saml-schema-authn-context-2.0
+      Location: http://docs.oasis-open.org/security/saml/v2.0/
+      Revision history:
+        V2.0 (March, 2005):
+          New core authentication context schema for SAML V2.0. 
+          This is just an include of all types from the schema
+          referred to in the include statement below.
+    </xs:documentation>
+  </xs:annotation>
+
+  <xs:include schemaLocation="saml-schema-authn-context-types-2.0.xsd"/>
+
 </xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-auth-telephony-2.0.xsd b/schemas/saml-schema-authn-context-auth-telephony-2.0.xsd
index 84dc4ec..da59934 100644
--- a/schemas/saml-schema-authn-context-auth-telephony-2.0.xsd
+++ b/schemas/saml-schema-authn-context-auth-telephony-2.0.xsd
@@ -1,81 +1,81 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony
-        Document identifier: saml-schema-authn-context-auth-telephony-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="Password"/>
-            <xs:element ref="SubscriberLineNumber"/>
-            <xs:element ref="UserSuffix"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorTransportProtocolType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorTransportProtocolType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="PSTN"/>
-              <xs:element ref="ISDN"/>
-              <xs:element ref="ADSL"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony
+        Document identifier: saml-schema-authn-context-auth-telephony-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="Password"/>
+            <xs:element ref="SubscriberLineNumber"/>
+            <xs:element ref="UserSuffix"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorTransportProtocolType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorTransportProtocolType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="PSTN"/>
+              <xs:element ref="ISDN"/>
+              <xs:element ref="ADSL"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
 </xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-ip-2.0.xsd b/schemas/saml-schema-authn-context-ip-2.0.xsd
index add9e0c..d4e7dfb 100644
--- a/schemas/saml-schema-authn-context-ip-2.0.xsd
+++ b/schemas/saml-schema-authn-context-ip-2.0.xsd
@@ -1,65 +1,65 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema
-  targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol
-        Document identifier: saml-schema-authn-context-ip-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="IPAddress"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema
+  targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol
+        Document identifier: saml-schema-authn-context-ip-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="IPAddress"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
 </xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-ippword-2.0.xsd b/schemas/saml-schema-authn-context-ippword-2.0.xsd
index 7496a04..708f596 100644
--- a/schemas/saml-schema-authn-context-ippword-2.0.xsd
+++ b/schemas/saml-schema-authn-context-ippword-2.0.xsd
@@ -1,67 +1,67 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword"
-  xmlns:ac="urn:oasis:names:tc:SAML:2.0:ac" 
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword
-        Document identifier: saml-schema-authn-context-ippword-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="Password"/>
-            <xs:element ref="IPAddress"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-  </xs:redefine>
-
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword"
+  xmlns:ac="urn:oasis:names:tc:SAML:2.0:ac" 
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword
+        Document identifier: saml-schema-authn-context-ippword-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="Password"/>
+            <xs:element ref="IPAddress"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+  </xs:redefine>
+
+</xs:schema>
diff --git a/schemas/saml-schema-authn-context-kerberos-2.0.xsd b/schemas/saml-schema-authn-context-kerberos-2.0.xsd
index 88398cf..4b6a3a5 100644
--- a/schemas/saml-schema-authn-context-kerberos-2.0.xsd
+++ b/schemas/saml-schema-authn-context-kerberos-2.0.xsd
@@ -1,83 +1,83 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos
-        Document identifier: saml-schema-authn-context-kerberos-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>    
-    
-    <xs:complexType name="PrincipalAuthenticationMechanismType">
-      <xs:complexContent>
-        <xs:restriction base="PrincipalAuthenticationMechanismType">
-          <xs:sequence>
-            <xs:element ref="RestrictedPassword"/>
-          </xs:sequence>
-          <xs:attribute name="preauth" type="xs:integer" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="SharedSecretChallengeResponse"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="SharedSecretChallengeResponseType">
-      <xs:complexContent>
-        <xs:restriction base="SharedSecretChallengeResponseType">
-          <xs:attribute name="method" type="xs:anyURI" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos
+        Document identifier: saml-schema-authn-context-kerberos-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>    
+    
+    <xs:complexType name="PrincipalAuthenticationMechanismType">
+      <xs:complexContent>
+        <xs:restriction base="PrincipalAuthenticationMechanismType">
+          <xs:sequence>
+            <xs:element ref="RestrictedPassword"/>
+          </xs:sequence>
+          <xs:attribute name="preauth" type="xs:integer" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="SharedSecretChallengeResponse"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="SharedSecretChallengeResponseType">
+      <xs:complexContent>
+        <xs:restriction base="SharedSecretChallengeResponseType">
+          <xs:attribute name="method" type="xs:anyURI" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
 </xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-mobileonefactor-reg-2.0.xsd b/schemas/saml-schema-authn-context-mobileonefactor-reg-2.0.xsd
index 745a277..f724434 100644
--- a/schemas/saml-schema-authn-context-mobileonefactor-reg-2.0.xsd
+++ b/schemas/saml-schema-authn-context-mobileonefactor-reg-2.0.xsd
@@ -1,186 +1,186 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract
-        Document identifier: saml-schema-authn-context-mobileonefactor-reg-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>    
-    
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="DigSig"/>
-              <xs:element ref="ZeroKnowledge"/>
-              <xs:element ref="SharedSecretChallengeResponse"/>
-              <xs:element ref="SharedSecretDynamicPlaintext"/>
-              <xs:element ref="AsymmetricDecryption"/>
-              <xs:element ref="AsymmetricKeyAgreement"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorTransportProtocolType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorTransportProtocolType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="SSL"/>
-              <xs:element ref="MobileNetworkNoEncryption"/>
-              <xs:element ref="MobileNetworkRadioEncryption"/>
-              <xs:element ref="MobileNetworkEndToEndEncryption"/>
-              <xs:element ref="WTLS"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="OperationalProtectionType">
-      <xs:complexContent>
-        <xs:restriction base="OperationalProtectionType">
-          <xs:sequence>
-            <xs:element ref="SecurityAudit"/>
-            <xs:element ref="DeactivationCallCenter"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="TechnicalProtectionBaseType">
-      <xs:complexContent>
-        <xs:restriction base="TechnicalProtectionBaseType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="PrivateKeyProtection"/>
-              <xs:element ref="SecretKeyProtection"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="PrivateKeyProtectionType">
-      <xs:complexContent>
-        <xs:restriction base="PrivateKeyProtectionType">
-          <xs:sequence>
-            <xs:element ref="KeyStorage"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="SecretKeyProtectionType">
-      <xs:complexContent>
-        <xs:restriction base="SecretKeyProtectionType">
-          <xs:sequence>
-            <xs:element ref="KeyStorage"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="KeyStorageType">
-      <xs:complexContent>
-        <xs:restriction base="KeyStorageType">
-          <xs:attribute name="medium" use="required">
-            <xs:simpleType>
-              <xs:restriction base="mediumType">
-                <xs:enumeration value="smartcard"/>
-                <xs:enumeration value="MobileDevice"/>
-                <xs:enumeration value="MobileAuthCard"/>
-              </xs:restriction>
-            </xs:simpleType>
-          </xs:attribute>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="SecurityAuditType">
-      <xs:complexContent>
-        <xs:restriction base="SecurityAuditType">
-          <xs:sequence>
-            <xs:element ref="SwitchAudit"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="IdentificationType">
-      <xs:complexContent>
-        <xs:restriction base="IdentificationType">
-          <xs:sequence>
-            <xs:element ref="PhysicalVerification"/>
-            <xs:element ref="WrittenConsent"/>
-            <xs:element ref="GoverningAgreements"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="nym">
-            <xs:simpleType>
-              <xs:restriction base="nymType">
-                <xs:enumeration value="anonymity"/>
-                <xs:enumeration value="verinymity"/>
-                <xs:enumeration value="pseudonymity"/>
-              </xs:restriction>
-            </xs:simpleType>
-          </xs:attribute>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract
+        Document identifier: saml-schema-authn-context-mobileonefactor-reg-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>    
+    
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="DigSig"/>
+              <xs:element ref="ZeroKnowledge"/>
+              <xs:element ref="SharedSecretChallengeResponse"/>
+              <xs:element ref="SharedSecretDynamicPlaintext"/>
+              <xs:element ref="AsymmetricDecryption"/>
+              <xs:element ref="AsymmetricKeyAgreement"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorTransportProtocolType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorTransportProtocolType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="SSL"/>
+              <xs:element ref="MobileNetworkNoEncryption"/>
+              <xs:element ref="MobileNetworkRadioEncryption"/>
+              <xs:element ref="MobileNetworkEndToEndEncryption"/>
+              <xs:element ref="WTLS"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="OperationalProtectionType">
+      <xs:complexContent>
+        <xs:restriction base="OperationalProtectionType">
+          <xs:sequence>
+            <xs:element ref="SecurityAudit"/>
+            <xs:element ref="DeactivationCallCenter"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="TechnicalProtectionBaseType">
+      <xs:complexContent>
+        <xs:restriction base="TechnicalProtectionBaseType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="PrivateKeyProtection"/>
+              <xs:element ref="SecretKeyProtection"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="PrivateKeyProtectionType">
+      <xs:complexContent>
+        <xs:restriction base="PrivateKeyProtectionType">
+          <xs:sequence>
+            <xs:element ref="KeyStorage"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="SecretKeyProtectionType">
+      <xs:complexContent>
+        <xs:restriction base="SecretKeyProtectionType">
+          <xs:sequence>
+            <xs:element ref="KeyStorage"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="KeyStorageType">
+      <xs:complexContent>
+        <xs:restriction base="KeyStorageType">
+          <xs:attribute name="medium" use="required">
+            <xs:simpleType>
+              <xs:restriction base="mediumType">
+                <xs:enumeration value="smartcard"/>
+                <xs:enumeration value="MobileDevice"/>
+                <xs:enumeration value="MobileAuthCard"/>
+              </xs:restriction>
+            </xs:simpleType>
+          </xs:attribute>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="SecurityAuditType">
+      <xs:complexContent>
+        <xs:restriction base="SecurityAuditType">
+          <xs:sequence>
+            <xs:element ref="SwitchAudit"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="IdentificationType">
+      <xs:complexContent>
+        <xs:restriction base="IdentificationType">
+          <xs:sequence>
+            <xs:element ref="PhysicalVerification"/>
+            <xs:element ref="WrittenConsent"/>
+            <xs:element ref="GoverningAgreements"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="nym">
+            <xs:simpleType>
+              <xs:restriction base="nymType">
+                <xs:enumeration value="anonymity"/>
+                <xs:enumeration value="verinymity"/>
+                <xs:enumeration value="pseudonymity"/>
+              </xs:restriction>
+            </xs:simpleType>
+          </xs:attribute>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
+</xs:schema>
diff --git a/schemas/saml-schema-authn-context-mobileonefactor-unreg-2.0.xsd b/schemas/saml-schema-authn-context-mobileonefactor-unreg-2.0.xsd
index deea996..9727c45 100644
--- a/schemas/saml-schema-authn-context-mobileonefactor-unreg-2.0.xsd
+++ b/schemas/saml-schema-authn-context-mobileonefactor-unreg-2.0.xsd
@@ -1,183 +1,183 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered
-        Document identifier: saml-schema-authn-context-mobileonefactor-unreg-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>    
-    
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="DigSig"/>
-              <xs:element ref="ZeroKnowledge"/>
-              <xs:element ref="SharedSecretChallengeResponse"/>
-              <xs:element ref="SharedSecretDynamicPlaintext"/>
-              <xs:element ref="AsymmetricDecryption"/>
-              <xs:element ref="AsymmetricKeyAgreement"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorTransportProtocolType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorTransportProtocolType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="SSL"/>
-              <xs:element ref="MobileNetworkNoEncryption"/>
-              <xs:element ref="MobileNetworkRadioEncryption"/>
-              <xs:element ref="MobileNetworkEndToEndEncryption"/>
-              <xs:element ref="WTLS"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="OperationalProtectionType">
-      <xs:complexContent>
-        <xs:restriction base="OperationalProtectionType">
-          <xs:sequence>
-            <xs:element ref="SecurityAudit"/>
-            <xs:element ref="DeactivationCallCenter"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="TechnicalProtectionBaseType">
-      <xs:complexContent>
-        <xs:restriction base="TechnicalProtectionBaseType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="PrivateKeyProtection"/>
-              <xs:element ref="SecretKeyProtection"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="PrivateKeyProtectionType">
-      <xs:complexContent>
-        <xs:restriction base="PrivateKeyProtectionType">
-          <xs:sequence>
-            <xs:element ref="KeyStorage"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="SecretKeyProtectionType">
-      <xs:complexContent>
-        <xs:restriction base="SecretKeyProtectionType">
-          <xs:sequence>
-            <xs:element ref="KeyStorage"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="KeyStorageType">
-      <xs:complexContent>
-        <xs:restriction base="KeyStorageType">
-          <xs:attribute name="medium" use="required">
-            <xs:simpleType>
-              <xs:restriction base="mediumType">
-                <xs:enumeration value="MobileDevice"/>
-                <xs:enumeration value="MobileAuthCard"/>
-                <xs:enumeration value="smartcard"/>
-              </xs:restriction>
-            </xs:simpleType>
-          </xs:attribute>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="SecurityAuditType">
-      <xs:complexContent>
-        <xs:restriction base="SecurityAuditType">
-          <xs:sequence>
-            <xs:element ref="SwitchAudit"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="IdentificationType">
-      <xs:complexContent>
-        <xs:restriction base="IdentificationType">
-          <xs:sequence>
-            <xs:element ref="GoverningAgreements"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="nym">
-            <xs:simpleType>
-              <xs:restriction base="nymType">
-                <xs:enumeration value="anonymity"/>
-                <xs:enumeration value="pseudonymity"/>
-              </xs:restriction>
-            </xs:simpleType>
-          </xs:attribute>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered
+        Document identifier: saml-schema-authn-context-mobileonefactor-unreg-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>    
+    
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="DigSig"/>
+              <xs:element ref="ZeroKnowledge"/>
+              <xs:element ref="SharedSecretChallengeResponse"/>
+              <xs:element ref="SharedSecretDynamicPlaintext"/>
+              <xs:element ref="AsymmetricDecryption"/>
+              <xs:element ref="AsymmetricKeyAgreement"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorTransportProtocolType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorTransportProtocolType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="SSL"/>
+              <xs:element ref="MobileNetworkNoEncryption"/>
+              <xs:element ref="MobileNetworkRadioEncryption"/>
+              <xs:element ref="MobileNetworkEndToEndEncryption"/>
+              <xs:element ref="WTLS"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="OperationalProtectionType">
+      <xs:complexContent>
+        <xs:restriction base="OperationalProtectionType">
+          <xs:sequence>
+            <xs:element ref="SecurityAudit"/>
+            <xs:element ref="DeactivationCallCenter"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="TechnicalProtectionBaseType">
+      <xs:complexContent>
+        <xs:restriction base="TechnicalProtectionBaseType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="PrivateKeyProtection"/>
+              <xs:element ref="SecretKeyProtection"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="PrivateKeyProtectionType">
+      <xs:complexContent>
+        <xs:restriction base="PrivateKeyProtectionType">
+          <xs:sequence>
+            <xs:element ref="KeyStorage"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="SecretKeyProtectionType">
+      <xs:complexContent>
+        <xs:restriction base="SecretKeyProtectionType">
+          <xs:sequence>
+            <xs:element ref="KeyStorage"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="KeyStorageType">
+      <xs:complexContent>
+        <xs:restriction base="KeyStorageType">
+          <xs:attribute name="medium" use="required">
+            <xs:simpleType>
+              <xs:restriction base="mediumType">
+                <xs:enumeration value="MobileDevice"/>
+                <xs:enumeration value="MobileAuthCard"/>
+                <xs:enumeration value="smartcard"/>
+              </xs:restriction>
+            </xs:simpleType>
+          </xs:attribute>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="SecurityAuditType">
+      <xs:complexContent>
+        <xs:restriction base="SecurityAuditType">
+          <xs:sequence>
+            <xs:element ref="SwitchAudit"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="IdentificationType">
+      <xs:complexContent>
+        <xs:restriction base="IdentificationType">
+          <xs:sequence>
+            <xs:element ref="GoverningAgreements"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="nym">
+            <xs:simpleType>
+              <xs:restriction base="nymType">
+                <xs:enumeration value="anonymity"/>
+                <xs:enumeration value="pseudonymity"/>
+              </xs:restriction>
+            </xs:simpleType>
+          </xs:attribute>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
+</xs:schema>
diff --git a/schemas/saml-schema-authn-context-mobiletwofactor-reg-2.0.xsd b/schemas/saml-schema-authn-context-mobiletwofactor-reg-2.0.xsd
index 3bfa7c5..d0c59aa 100644
--- a/schemas/saml-schema-authn-context-mobiletwofactor-reg-2.0.xsd
+++ b/schemas/saml-schema-authn-context-mobiletwofactor-reg-2.0.xsd
@@ -1,202 +1,202 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract
-        Document identifier: saml-schema-authn-context-mobiletwofactor-reg-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>    
-    
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="DigSig"/>
-              <xs:element ref="ZeroKnowledge"/>
-              <xs:element ref="SharedSecretChallengeResponse"/>
-              <xs:element ref="SharedSecretDynamicPlaintext"/>
-              <xs:element ref="AsymmetricDecryption"/>
-              <xs:element ref="AsymmetricKeyAgreement"/>
-              <xs:element ref="ComplexAuthenticator"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="ComplexAuthenticatorType">
-      <xs:complexContent>
-        <xs:restriction base="ComplexAuthenticatorType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="SharedSecretChallengeResponse"/>
-              <xs:element ref="SharedSecretDynamicPlaintext"/>
-            </xs:choice>
-            <xs:element ref="Password"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="AuthenticatorTransportProtocolType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorTransportProtocolType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="SSL"/>
-              <xs:element ref="MobileNetworkNoEncryption"/>
-              <xs:element ref="MobileNetworkRadioEncryption"/>
-              <xs:element ref="MobileNetworkEndToEndEncryption"/>
-              <xs:element ref="WTLS"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="OperationalProtectionType">
-      <xs:complexContent>
-        <xs:restriction base="OperationalProtectionType">
-          <xs:sequence>
-            <xs:element ref="SecurityAudit"/>
-            <xs:element ref="DeactivationCallCenter"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="TechnicalProtectionBaseType">
-      <xs:complexContent>
-        <xs:restriction base="TechnicalProtectionBaseType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="PrivateKeyProtection"/>
-              <xs:element ref="SecretKeyProtection"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="PrivateKeyProtectionType">
-      <xs:complexContent>
-        <xs:restriction base="PrivateKeyProtectionType">
-          <xs:sequence>
-            <xs:element ref="KeyActivation"/>
-            <xs:element ref="KeyStorage"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="SecretKeyProtectionType">
-      <xs:complexContent>
-        <xs:restriction base="SecretKeyProtectionType">
-          <xs:sequence>
-            <xs:element ref="KeyActivation"/>
-            <xs:element ref="KeyStorage"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="KeyStorageType">
-      <xs:complexContent>
-        <xs:restriction base="KeyStorageType">
-          <xs:attribute name="medium" use="required">
-            <xs:simpleType>
-              <xs:restriction base="mediumType">
-                <xs:enumeration value="MobileDevice"/>
-                <xs:enumeration value="MobileAuthCard"/>
-                <xs:enumeration value="smartcard"/>
-              </xs:restriction>
-            </xs:simpleType>
-          </xs:attribute>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-  
-    <xs:complexType name="SecurityAuditType">
-      <xs:complexContent>
-        <xs:restriction base="SecurityAuditType">
-          <xs:sequence>
-            <xs:element ref="SwitchAudit"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-  
-    <xs:complexType name="IdentificationType">
-      <xs:complexContent>
-        <xs:restriction base="IdentificationType">
-          <xs:sequence>
-            <xs:element ref="PhysicalVerification"/>
-            <xs:element ref="WrittenConsent"/>
-            <xs:element ref="GoverningAgreements"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="nym">
-            <xs:simpleType>
-              <xs:restriction base="nymType">
-                <xs:enumeration value="anonymity"/>
-                <xs:enumeration value="verinymity"/>
-                <xs:enumeration value="pseudonymity"/>
-              </xs:restriction>
-            </xs:simpleType>
-          </xs:attribute>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-  </xs:redefine>
-
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract
+        Document identifier: saml-schema-authn-context-mobiletwofactor-reg-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>    
+    
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="DigSig"/>
+              <xs:element ref="ZeroKnowledge"/>
+              <xs:element ref="SharedSecretChallengeResponse"/>
+              <xs:element ref="SharedSecretDynamicPlaintext"/>
+              <xs:element ref="AsymmetricDecryption"/>
+              <xs:element ref="AsymmetricKeyAgreement"/>
+              <xs:element ref="ComplexAuthenticator"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="ComplexAuthenticatorType">
+      <xs:complexContent>
+        <xs:restriction base="ComplexAuthenticatorType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="SharedSecretChallengeResponse"/>
+              <xs:element ref="SharedSecretDynamicPlaintext"/>
+            </xs:choice>
+            <xs:element ref="Password"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="AuthenticatorTransportProtocolType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorTransportProtocolType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="SSL"/>
+              <xs:element ref="MobileNetworkNoEncryption"/>
+              <xs:element ref="MobileNetworkRadioEncryption"/>
+              <xs:element ref="MobileNetworkEndToEndEncryption"/>
+              <xs:element ref="WTLS"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="OperationalProtectionType">
+      <xs:complexContent>
+        <xs:restriction base="OperationalProtectionType">
+          <xs:sequence>
+            <xs:element ref="SecurityAudit"/>
+            <xs:element ref="DeactivationCallCenter"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="TechnicalProtectionBaseType">
+      <xs:complexContent>
+        <xs:restriction base="TechnicalProtectionBaseType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="PrivateKeyProtection"/>
+              <xs:element ref="SecretKeyProtection"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="PrivateKeyProtectionType">
+      <xs:complexContent>
+        <xs:restriction base="PrivateKeyProtectionType">
+          <xs:sequence>
+            <xs:element ref="KeyActivation"/>
+            <xs:element ref="KeyStorage"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="SecretKeyProtectionType">
+      <xs:complexContent>
+        <xs:restriction base="SecretKeyProtectionType">
+          <xs:sequence>
+            <xs:element ref="KeyActivation"/>
+            <xs:element ref="KeyStorage"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="KeyStorageType">
+      <xs:complexContent>
+        <xs:restriction base="KeyStorageType">
+          <xs:attribute name="medium" use="required">
+            <xs:simpleType>
+              <xs:restriction base="mediumType">
+                <xs:enumeration value="MobileDevice"/>
+                <xs:enumeration value="MobileAuthCard"/>
+                <xs:enumeration value="smartcard"/>
+              </xs:restriction>
+            </xs:simpleType>
+          </xs:attribute>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+  
+    <xs:complexType name="SecurityAuditType">
+      <xs:complexContent>
+        <xs:restriction base="SecurityAuditType">
+          <xs:sequence>
+            <xs:element ref="SwitchAudit"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+  
+    <xs:complexType name="IdentificationType">
+      <xs:complexContent>
+        <xs:restriction base="IdentificationType">
+          <xs:sequence>
+            <xs:element ref="PhysicalVerification"/>
+            <xs:element ref="WrittenConsent"/>
+            <xs:element ref="GoverningAgreements"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="nym">
+            <xs:simpleType>
+              <xs:restriction base="nymType">
+                <xs:enumeration value="anonymity"/>
+                <xs:enumeration value="verinymity"/>
+                <xs:enumeration value="pseudonymity"/>
+              </xs:restriction>
+            </xs:simpleType>
+          </xs:attribute>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+  </xs:redefine>
+
+</xs:schema>
diff --git a/schemas/saml-schema-authn-context-mobiletwofactor-unreg-2.0.xsd b/schemas/saml-schema-authn-context-mobiletwofactor-unreg-2.0.xsd
index 714e0fd..1a4578c 100644
--- a/schemas/saml-schema-authn-context-mobiletwofactor-unreg-2.0.xsd
+++ b/schemas/saml-schema-authn-context-mobiletwofactor-unreg-2.0.xsd
@@ -1,200 +1,200 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered
-        Document identifier: saml-schema-authn-context-mobiletwofactor-unreg-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>    
-    
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="DigSig"/>
-              <xs:element ref="ZeroKnowledge"/>
-              <xs:element ref="SharedSecretChallengeResponse"/>
-              <xs:element ref="SharedSecretDynamicPlaintext"/>
-              <xs:element ref="AsymmetricDecryption"/>
-              <xs:element ref="AsymmetricKeyAgreement"/>
-              <xs:element ref="ComplexAuthenticator"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="ComplexAuthenticatorType">
-      <xs:complexContent>
-        <xs:restriction base="ComplexAuthenticatorType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="SharedSecretChallengeResponse"/>
-              <xs:element ref="SharedSecretDynamicPlaintext"/>
-            </xs:choice>
-            <xs:element ref="Password"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorTransportProtocolType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorTransportProtocolType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="SSL"/>
-              <xs:element ref="MobileNetworkNoEncryption"/>
-              <xs:element ref="MobileNetworkRadioEncryption"/>
-              <xs:element ref="MobileNetworkEndToEndEncryption"/>
-              <xs:element ref="WTLS"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="OperationalProtectionType">
-      <xs:complexContent>
-        <xs:restriction base="OperationalProtectionType">
-          <xs:sequence>
-            <xs:element ref="SecurityAudit"/>
-            <xs:element ref="DeactivationCallCenter"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="TechnicalProtectionBaseType">
-      <xs:complexContent>
-        <xs:restriction base="TechnicalProtectionBaseType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="PrivateKeyProtection"/>
-              <xs:element ref="SecretKeyProtection"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="PrivateKeyProtectionType">
-      <xs:complexContent>
-        <xs:restriction base="PrivateKeyProtectionType">
-          <xs:sequence>
-            <xs:element ref="KeyActivation"/>
-            <xs:element ref="KeyStorage"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="SecretKeyProtectionType">
-      <xs:complexContent>
-        <xs:restriction base="SecretKeyProtectionType">
-          <xs:sequence>
-            <xs:element ref="KeyActivation"/>
-            <xs:element ref="KeyStorage"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="KeyStorageType">
-      <xs:complexContent>
-        <xs:restriction base="KeyStorageType">
-          <xs:attribute name="medium" use="required">
-            <xs:simpleType>
-              <xs:restriction base="mediumType">
-                <xs:enumeration value="MobileDevice"/>
-                <xs:enumeration value="MobileAuthCard"/>
-                <xs:enumeration value="smartcard"/>
-              </xs:restriction>
-            </xs:simpleType>
-          </xs:attribute>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="SecurityAuditType">
-      <xs:complexContent>
-        <xs:restriction base="SecurityAuditType">
-          <xs:sequence>
-            <xs:element ref="SwitchAudit"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="IdentificationType">
-      <xs:complexContent>
-        <xs:restriction base="IdentificationType">
-          <xs:sequence>
-            <xs:element ref="GoverningAgreements"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="nym">
-            <xs:simpleType>
-              <xs:restriction base="nymType">
-                <xs:enumeration value="anonymity"/>
-                <xs:enumeration value="pseudonymity"/>
-              </xs:restriction>
-            </xs:simpleType>
-          </xs:attribute>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered
+        Document identifier: saml-schema-authn-context-mobiletwofactor-unreg-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>    
+    
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="DigSig"/>
+              <xs:element ref="ZeroKnowledge"/>
+              <xs:element ref="SharedSecretChallengeResponse"/>
+              <xs:element ref="SharedSecretDynamicPlaintext"/>
+              <xs:element ref="AsymmetricDecryption"/>
+              <xs:element ref="AsymmetricKeyAgreement"/>
+              <xs:element ref="ComplexAuthenticator"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="ComplexAuthenticatorType">
+      <xs:complexContent>
+        <xs:restriction base="ComplexAuthenticatorType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="SharedSecretChallengeResponse"/>
+              <xs:element ref="SharedSecretDynamicPlaintext"/>
+            </xs:choice>
+            <xs:element ref="Password"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorTransportProtocolType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorTransportProtocolType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="SSL"/>
+              <xs:element ref="MobileNetworkNoEncryption"/>
+              <xs:element ref="MobileNetworkRadioEncryption"/>
+              <xs:element ref="MobileNetworkEndToEndEncryption"/>
+              <xs:element ref="WTLS"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="OperationalProtectionType">
+      <xs:complexContent>
+        <xs:restriction base="OperationalProtectionType">
+          <xs:sequence>
+            <xs:element ref="SecurityAudit"/>
+            <xs:element ref="DeactivationCallCenter"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="TechnicalProtectionBaseType">
+      <xs:complexContent>
+        <xs:restriction base="TechnicalProtectionBaseType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="PrivateKeyProtection"/>
+              <xs:element ref="SecretKeyProtection"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="PrivateKeyProtectionType">
+      <xs:complexContent>
+        <xs:restriction base="PrivateKeyProtectionType">
+          <xs:sequence>
+            <xs:element ref="KeyActivation"/>
+            <xs:element ref="KeyStorage"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="SecretKeyProtectionType">
+      <xs:complexContent>
+        <xs:restriction base="SecretKeyProtectionType">
+          <xs:sequence>
+            <xs:element ref="KeyActivation"/>
+            <xs:element ref="KeyStorage"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="KeyStorageType">
+      <xs:complexContent>
+        <xs:restriction base="KeyStorageType">
+          <xs:attribute name="medium" use="required">
+            <xs:simpleType>
+              <xs:restriction base="mediumType">
+                <xs:enumeration value="MobileDevice"/>
+                <xs:enumeration value="MobileAuthCard"/>
+                <xs:enumeration value="smartcard"/>
+              </xs:restriction>
+            </xs:simpleType>
+          </xs:attribute>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="SecurityAuditType">
+      <xs:complexContent>
+        <xs:restriction base="SecurityAuditType">
+          <xs:sequence>
+            <xs:element ref="SwitchAudit"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="IdentificationType">
+      <xs:complexContent>
+        <xs:restriction base="IdentificationType">
+          <xs:sequence>
+            <xs:element ref="GoverningAgreements"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="nym">
+            <xs:simpleType>
+              <xs:restriction base="nymType">
+                <xs:enumeration value="anonymity"/>
+                <xs:enumeration value="pseudonymity"/>
+              </xs:restriction>
+            </xs:simpleType>
+          </xs:attribute>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
+</xs:schema>
diff --git a/schemas/saml-schema-authn-context-nomad-telephony-2.0.xsd b/schemas/saml-schema-authn-context-nomad-telephony-2.0.xsd
index c906514..0eb861f 100644
--- a/schemas/saml-schema-authn-context-nomad-telephony-2.0.xsd
+++ b/schemas/saml-schema-authn-context-nomad-telephony-2.0.xsd
@@ -1,81 +1,81 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony
-        Document identifier: saml-schema-authn-context-nomad-telephony-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="Password"/>
-            <xs:element ref="SubscriberLineNumber"/>
-            <xs:element ref="UserSuffix"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorTransportProtocolType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorTransportProtocolType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="PSTN"/>
-              <xs:element ref="ISDN"/>
-              <xs:element ref="ADSL"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony
+        Document identifier: saml-schema-authn-context-nomad-telephony-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="Password"/>
+            <xs:element ref="SubscriberLineNumber"/>
+            <xs:element ref="UserSuffix"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorTransportProtocolType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorTransportProtocolType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="PSTN"/>
+              <xs:element ref="ISDN"/>
+              <xs:element ref="ADSL"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
 </xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-personal-telephony-2.0.xsd b/schemas/saml-schema-authn-context-personal-telephony-2.0.xsd
index bdb0f72..a9eebf4 100644
--- a/schemas/saml-schema-authn-context-personal-telephony-2.0.xsd
+++ b/schemas/saml-schema-authn-context-personal-telephony-2.0.xsd
@@ -1,80 +1,80 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalizedTelephony"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalizedTelephony"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalizedTelephony
-        Document identifier: saml-schema-authn-context-personal-telephony-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="SubscriberLineNumber"/>
-            <xs:element ref="UserSuffix"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorTransportProtocolType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorTransportProtocolType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="PSTN"/>
-              <xs:element ref="ISDN"/>
-              <xs:element ref="ADSL"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalizedTelephony"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalizedTelephony"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalizedTelephony
+        Document identifier: saml-schema-authn-context-personal-telephony-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="SubscriberLineNumber"/>
+            <xs:element ref="UserSuffix"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorTransportProtocolType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorTransportProtocolType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="PSTN"/>
+              <xs:element ref="ISDN"/>
+              <xs:element ref="ADSL"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
+</xs:schema>
diff --git a/schemas/saml-schema-authn-context-pgp-2.0.xsd b/schemas/saml-schema-authn-context-pgp-2.0.xsd
index cbff52a..74c73c1 100644
--- a/schemas/saml-schema-authn-context-pgp-2.0.xsd
+++ b/schemas/saml-schema-authn-context-pgp-2.0.xsd
@@ -1,83 +1,83 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:PGP"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:PGP"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:PGP
-        Document identifier: saml-schema-authn-context-pgp-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>    
-    
-    <xs:complexType name="PrincipalAuthenticationMechanismType">
-      <xs:complexContent>
-        <xs:restriction base="PrincipalAuthenticationMechanismType">
-          <xs:sequence>
-            <xs:element ref="RestrictedPassword"/>
-          </xs:sequence>
-          <xs:attribute name="preauth" type="xs:integer" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="DigSig"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="PublicKeyType">
-      <xs:complexContent>
-        <xs:restriction base="PublicKeyType">
-          <xs:attribute name="keyValidation" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:PGP"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:PGP"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:PGP"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:PGP
+        Document identifier: saml-schema-authn-context-pgp-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>    
+    
+    <xs:complexType name="PrincipalAuthenticationMechanismType">
+      <xs:complexContent>
+        <xs:restriction base="PrincipalAuthenticationMechanismType">
+          <xs:sequence>
+            <xs:element ref="RestrictedPassword"/>
+          </xs:sequence>
+          <xs:attribute name="preauth" type="xs:integer" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="DigSig"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="PublicKeyType">
+      <xs:complexContent>
+        <xs:restriction base="PublicKeyType">
+          <xs:attribute name="keyValidation" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:PGP"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
 </xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-ppt-2.0.xsd b/schemas/saml-schema-authn-context-ppt-2.0.xsd
index a0d9bcb..2572965 100644
--- a/schemas/saml-schema-authn-context-ppt-2.0.xsd
+++ b/schemas/saml-schema-authn-context-ppt-2.0.xsd
@@ -1,81 +1,81 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
-        Document identifier: saml-schema-authn-context-ppt-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="RestrictedPassword"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorTransportProtocolType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorTransportProtocolType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="SSL"/>
-              <xs:element ref="MobileNetworkRadioEncryption"/>
-              <xs:element ref="MobileNetworkEndToEndEncryption"/>
-              <xs:element ref="WTLS"/>
-              <xs:element ref="IPSec"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
+        Document identifier: saml-schema-authn-context-ppt-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="RestrictedPassword"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorTransportProtocolType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorTransportProtocolType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="SSL"/>
+              <xs:element ref="MobileNetworkRadioEncryption"/>
+              <xs:element ref="MobileNetworkEndToEndEncryption"/>
+              <xs:element ref="WTLS"/>
+              <xs:element ref="IPSec"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
 </xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-pword-2.0.xsd b/schemas/saml-schema-authn-context-pword-2.0.xsd
index 7c98cdd..0c18a42 100644
--- a/schemas/saml-schema-authn-context-pword-2.0.xsd
+++ b/schemas/saml-schema-authn-context-pword-2.0.xsd
@@ -1,64 +1,64 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:Password
-        Document identifier: saml-schema-authn-context-pword-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="RestrictedPassword"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:Password
+        Document identifier: saml-schema-authn-context-pword-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="RestrictedPassword"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
 </xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-session-2.0.xsd b/schemas/saml-schema-authn-context-session-2.0.xsd
index c7340bf..77ef000 100644
--- a/schemas/saml-schema-authn-context-session-2.0.xsd
+++ b/schemas/saml-schema-authn-context-session-2.0.xsd
@@ -1,64 +1,64 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession
-        Document identifier: saml-schema-authn-context-session-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="PreviousSession"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession
+        Document identifier: saml-schema-authn-context-session-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="PreviousSession"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
 </xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-smartcard-2.0.xsd b/schemas/saml-schema-authn-context-smartcard-2.0.xsd
index 64a7479..1bd084a 100644
--- a/schemas/saml-schema-authn-context-smartcard-2.0.xsd
+++ b/schemas/saml-schema-authn-context-smartcard-2.0.xsd
@@ -1,64 +1,64 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard
-        Document identifier: saml-schema-authn-context-smartcard-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>    
-    
-    <xs:complexType name="PrincipalAuthenticationMechanismType">
-      <xs:complexContent>
-        <xs:restriction base="PrincipalAuthenticationMechanismType">
-          <xs:sequence>
-            <xs:element ref="Smartcard"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-  
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard
+        Document identifier: saml-schema-authn-context-smartcard-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>    
+    
+    <xs:complexType name="PrincipalAuthenticationMechanismType">
+      <xs:complexContent>
+        <xs:restriction base="PrincipalAuthenticationMechanismType">
+          <xs:sequence>
+            <xs:element ref="Smartcard"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+  
 </xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-smartcardpki-2.0.xsd b/schemas/saml-schema-authn-context-smartcardpki-2.0.xsd
index bb6474d..0508d4d 100644
--- a/schemas/saml-schema-authn-context-smartcardpki-2.0.xsd
+++ b/schemas/saml-schema-authn-context-smartcardpki-2.0.xsd
@@ -1,129 +1,129 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI
-        Document identifier: saml-schema-authn-context-smartcardpki-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>    
-    
-    <xs:complexType name="TechnicalProtectionBaseType">
-      <xs:complexContent>
-        <xs:restriction base="TechnicalProtectionBaseType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="PrivateKeyProtection"/>
-            </xs:choice>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="PrincipalAuthenticationMechanismType">
-      <xs:complexContent>
-        <xs:restriction base="PrincipalAuthenticationMechanismType">
-          <xs:sequence>
-            <xs:element ref="Smartcard"/>
-            <xs:element ref="ActivationPin"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="DigSig"/>
-              <xs:element ref="AsymmetricDecryption"/>
-              <xs:element ref="AsymmetricKeyAgreement"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="PrivateKeyProtectionType">
-      <xs:complexContent>
-        <xs:restriction base="PrivateKeyProtectionType">
-          <xs:sequence>
-            <xs:element ref="KeyActivation"/>
-            <xs:element ref="KeyStorage"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="KeyActivationType">
-      <xs:complexContent>
-        <xs:restriction base="KeyActivationType">
-          <xs:sequence>
-            <xs:element ref="ActivationPin"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="KeyStorageType">
-      <xs:complexContent>
-        <xs:restriction base="KeyStorageType">
-          <xs:attribute name="medium" use="required">
-            <xs:simpleType>
-              <xs:restriction base="mediumType">
-                <xs:enumeration value="smartcard"/>
-              </xs:restriction>
-            </xs:simpleType>
-          </xs:attribute>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI
+        Document identifier: saml-schema-authn-context-smartcardpki-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>    
+    
+    <xs:complexType name="TechnicalProtectionBaseType">
+      <xs:complexContent>
+        <xs:restriction base="TechnicalProtectionBaseType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="PrivateKeyProtection"/>
+            </xs:choice>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="PrincipalAuthenticationMechanismType">
+      <xs:complexContent>
+        <xs:restriction base="PrincipalAuthenticationMechanismType">
+          <xs:sequence>
+            <xs:element ref="Smartcard"/>
+            <xs:element ref="ActivationPin"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="DigSig"/>
+              <xs:element ref="AsymmetricDecryption"/>
+              <xs:element ref="AsymmetricKeyAgreement"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="PrivateKeyProtectionType">
+      <xs:complexContent>
+        <xs:restriction base="PrivateKeyProtectionType">
+          <xs:sequence>
+            <xs:element ref="KeyActivation"/>
+            <xs:element ref="KeyStorage"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="KeyActivationType">
+      <xs:complexContent>
+        <xs:restriction base="KeyActivationType">
+          <xs:sequence>
+            <xs:element ref="ActivationPin"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="KeyStorageType">
+      <xs:complexContent>
+        <xs:restriction base="KeyStorageType">
+          <xs:attribute name="medium" use="required">
+            <xs:simpleType>
+              <xs:restriction base="mediumType">
+                <xs:enumeration value="smartcard"/>
+              </xs:restriction>
+            </xs:simpleType>
+          </xs:attribute>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
+</xs:schema>
diff --git a/schemas/saml-schema-authn-context-softwarepki-2.0.xsd b/schemas/saml-schema-authn-context-softwarepki-2.0.xsd
index 2054a81..5c41a2f 100644
--- a/schemas/saml-schema-authn-context-softwarepki-2.0.xsd
+++ b/schemas/saml-schema-authn-context-softwarepki-2.0.xsd
@@ -1,129 +1,129 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI
-        Document identifier: saml-schema-authn-context-softwarepki-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>    
-    
-    <xs:complexType name="TechnicalProtectionBaseType">
-      <xs:complexContent>
-        <xs:restriction base="TechnicalProtectionBaseType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="PrivateKeyProtection"/>
-            </xs:choice>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="PrincipalAuthenticationMechanismType">
-      <xs:complexContent>
-        <xs:restriction base="PrincipalAuthenticationMechanismType">
-          <xs:sequence>
-            <xs:element ref="ActivationPin"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="DigSig"/>
-              <xs:element ref="AsymmetricDecryption"/>
-              <xs:element ref="AsymmetricKeyAgreement"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="PrivateKeyProtectionType">
-      <xs:complexContent>
-        <xs:restriction base="PrivateKeyProtectionType">
-          <xs:sequence>
-            <xs:element ref="KeyActivation"/>
-            <xs:element ref="KeyStorage"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="KeyActivationType">
-      <xs:complexContent>
-        <xs:restriction base="KeyActivationType">
-          <xs:sequence>
-            <xs:element ref="ActivationPin"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="KeyStorageType">
-      <xs:complexContent>
-        <xs:restriction base="KeyStorageType">
-          <xs:attribute name="medium" use="required">
-            <xs:simpleType>
-              <xs:restriction base="mediumType">
-                <xs:enumeration value="memory"/>
-              </xs:restriction>
-            </xs:simpleType>
-          </xs:attribute>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI
+        Document identifier: saml-schema-authn-context-softwarepki-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>    
+    
+    <xs:complexType name="TechnicalProtectionBaseType">
+      <xs:complexContent>
+        <xs:restriction base="TechnicalProtectionBaseType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="PrivateKeyProtection"/>
+            </xs:choice>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="PrincipalAuthenticationMechanismType">
+      <xs:complexContent>
+        <xs:restriction base="PrincipalAuthenticationMechanismType">
+          <xs:sequence>
+            <xs:element ref="ActivationPin"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="DigSig"/>
+              <xs:element ref="AsymmetricDecryption"/>
+              <xs:element ref="AsymmetricKeyAgreement"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="PrivateKeyProtectionType">
+      <xs:complexContent>
+        <xs:restriction base="PrivateKeyProtectionType">
+          <xs:sequence>
+            <xs:element ref="KeyActivation"/>
+            <xs:element ref="KeyStorage"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="KeyActivationType">
+      <xs:complexContent>
+        <xs:restriction base="KeyActivationType">
+          <xs:sequence>
+            <xs:element ref="ActivationPin"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="KeyStorageType">
+      <xs:complexContent>
+        <xs:restriction base="KeyStorageType">
+          <xs:attribute name="medium" use="required">
+            <xs:simpleType>
+              <xs:restriction base="mediumType">
+                <xs:enumeration value="memory"/>
+              </xs:restriction>
+            </xs:simpleType>
+          </xs:attribute>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
+</xs:schema>
diff --git a/schemas/saml-schema-authn-context-spki-2.0.xsd b/schemas/saml-schema-authn-context-spki-2.0.xsd
index 698c7c6..ce57d79 100644
--- a/schemas/saml-schema-authn-context-spki-2.0.xsd
+++ b/schemas/saml-schema-authn-context-spki-2.0.xsd
@@ -1,83 +1,83 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI
-        Document identifier: saml-schema-authn-context-spki-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>    
-    
-    <xs:complexType name="PrincipalAuthenticationMechanismType">
-      <xs:complexContent>
-        <xs:restriction base="PrincipalAuthenticationMechanismType">
-          <xs:sequence>
-            <xs:element ref="RestrictedPassword"/>
-          </xs:sequence>
-          <xs:attribute name="preauth" type="xs:integer" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="DigSig"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="PublicKeyType">
-      <xs:complexContent>
-        <xs:restriction base="PublicKeyType">
-          <xs:attribute name="keyValidation" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI
+        Document identifier: saml-schema-authn-context-spki-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>    
+    
+    <xs:complexType name="PrincipalAuthenticationMechanismType">
+      <xs:complexContent>
+        <xs:restriction base="PrincipalAuthenticationMechanismType">
+          <xs:sequence>
+            <xs:element ref="RestrictedPassword"/>
+          </xs:sequence>
+          <xs:attribute name="preauth" type="xs:integer" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="DigSig"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="PublicKeyType">
+      <xs:complexContent>
+        <xs:restriction base="PublicKeyType">
+          <xs:attribute name="keyValidation" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
 </xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-srp-2.0.xsd b/schemas/saml-schema-authn-context-srp-2.0.xsd
index 07c6ae4..9051dd5 100644
--- a/schemas/saml-schema-authn-context-srp-2.0.xsd
+++ b/schemas/saml-schema-authn-context-srp-2.0.xsd
@@ -1,82 +1,82 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword
-        Document identifier: saml-schema-authn-context-srp-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="PrincipalAuthenticationMechanismType">
-      <xs:complexContent>
-        <xs:restriction base="PrincipalAuthenticationMechanismType">
-          <xs:sequence>
-            <xs:element ref="RestrictedPassword"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="SharedSecretChallengeResponse"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="SharedSecretChallengeResponseType">
-      <xs:complexContent>
-        <xs:restriction base="SharedSecretChallengeResponseType">
-          <xs:attribute name="method" type="xs:anyURI" fixed="urn:ietf:rfc:2945"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword
+        Document identifier: saml-schema-authn-context-srp-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="PrincipalAuthenticationMechanismType">
+      <xs:complexContent>
+        <xs:restriction base="PrincipalAuthenticationMechanismType">
+          <xs:sequence>
+            <xs:element ref="RestrictedPassword"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="SharedSecretChallengeResponse"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="SharedSecretChallengeResponseType">
+      <xs:complexContent>
+        <xs:restriction base="SharedSecretChallengeResponseType">
+          <xs:attribute name="method" type="xs:anyURI" fixed="urn:ietf:rfc:2945"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
+</xs:schema>
diff --git a/schemas/saml-schema-authn-context-sslcert-2.0.xsd b/schemas/saml-schema-authn-context-sslcert-2.0.xsd
index 88a4f17..723103b 100644
--- a/schemas/saml-schema-authn-context-sslcert-2.0.xsd
+++ b/schemas/saml-schema-authn-context-sslcert-2.0.xsd
@@ -1,97 +1,97 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient
-        Document identifier: saml-schema-authn-context-sslcert-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>    
-    
-    <xs:complexType name="PrincipalAuthenticationMechanismType">
-      <xs:complexContent>
-        <xs:restriction base="PrincipalAuthenticationMechanismType">
-          <xs:sequence>
-            <xs:element ref="RestrictedPassword"/>
-          </xs:sequence>
-          <xs:attribute name="preauth" type="xs:integer" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="DigSig"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="PublicKeyType">
-      <xs:complexContent>
-        <xs:restriction base="PublicKeyType">
-          <xs:attribute name="keyValidation" type="xs:anyURI" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:X509"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorTransportProtocolType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorTransportProtocolType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="SSL"/>            
-              <xs:element ref="WTLS"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient
+        Document identifier: saml-schema-authn-context-sslcert-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>    
+    
+    <xs:complexType name="PrincipalAuthenticationMechanismType">
+      <xs:complexContent>
+        <xs:restriction base="PrincipalAuthenticationMechanismType">
+          <xs:sequence>
+            <xs:element ref="RestrictedPassword"/>
+          </xs:sequence>
+          <xs:attribute name="preauth" type="xs:integer" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="DigSig"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="PublicKeyType">
+      <xs:complexContent>
+        <xs:restriction base="PublicKeyType">
+          <xs:attribute name="keyValidation" type="xs:anyURI" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:X509"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorTransportProtocolType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorTransportProtocolType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="SSL"/>            
+              <xs:element ref="WTLS"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
+</xs:schema>
diff --git a/schemas/saml-schema-authn-context-telephony-2.0.xsd b/schemas/saml-schema-authn-context-telephony-2.0.xsd
index e4906c5..15ff753 100644
--- a/schemas/saml-schema-authn-context-telephony-2.0.xsd
+++ b/schemas/saml-schema-authn-context-telephony-2.0.xsd
@@ -1,79 +1,79 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony
-        Document identifier: saml-schema-authn-context-telephony-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="SubscriberLineNumber"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorTransportProtocolType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorTransportProtocolType">
-          <xs:sequence>
-            <xs:choice>
-              <xs:element ref="PSTN"/>
-              <xs:element ref="ISDN"/>
-              <xs:element ref="ADSL"/>
-            </xs:choice>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony
+        Document identifier: saml-schema-authn-context-telephony-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="SubscriberLineNumber"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorTransportProtocolType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorTransportProtocolType">
+          <xs:sequence>
+            <xs:choice>
+              <xs:element ref="PSTN"/>
+              <xs:element ref="ISDN"/>
+              <xs:element ref="ADSL"/>
+            </xs:choice>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
 </xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-timesync-2.0.xsd b/schemas/saml-schema-authn-context-timesync-2.0.xsd
index 53b425f..afc92f3 100644
--- a/schemas/saml-schema-authn-context-timesync-2.0.xsd
+++ b/schemas/saml-schema-authn-context-timesync-2.0.xsd
@@ -1,105 +1,105 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken
-        Document identifier: saml-schema-authn-context-timesync-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="PrincipalAuthenticationMechanismType">
-      <xs:complexContent>
-        <xs:restriction base="PrincipalAuthenticationMechanismType">
-          <xs:sequence>
-            <xs:element ref="Token"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="TokenType">
-      <xs:complexContent>
-        <xs:restriction base="TokenType">
-          <xs:sequence>
-            <xs:element ref="TimeSyncToken"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="TimeSyncTokenType">
-      <xs:complexContent>
-        <xs:restriction base="TimeSyncTokenType">
-          <xs:attribute name="DeviceType" use="required">
-            <xs:simpleType>
-              <xs:restriction base="DeviceTypeType">
-                <xs:enumeration value="hardware"/>
-              </xs:restriction>
-            </xs:simpleType>
-          </xs:attribute>
-
-          <xs:attribute name="SeedLength" use="required">
-            <xs:simpleType>
-              <xs:restriction base="xs:integer">
-                <xs:minInclusive value="64"/>
-              </xs:restriction>
-            </xs:simpleType>
-          </xs:attribute>
-
-          <xs:attribute name="DeviceInHand" use="required">
-            <xs:simpleType>
-              <xs:restriction base="booleanType">
-                <xs:enumeration value="true"/>
-              </xs:restriction>
-            </xs:simpleType>
-          </xs:attribute>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken
+        Document identifier: saml-schema-authn-context-timesync-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="PrincipalAuthenticationMechanismType">
+      <xs:complexContent>
+        <xs:restriction base="PrincipalAuthenticationMechanismType">
+          <xs:sequence>
+            <xs:element ref="Token"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="TokenType">
+      <xs:complexContent>
+        <xs:restriction base="TokenType">
+          <xs:sequence>
+            <xs:element ref="TimeSyncToken"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="TimeSyncTokenType">
+      <xs:complexContent>
+        <xs:restriction base="TimeSyncTokenType">
+          <xs:attribute name="DeviceType" use="required">
+            <xs:simpleType>
+              <xs:restriction base="DeviceTypeType">
+                <xs:enumeration value="hardware"/>
+              </xs:restriction>
+            </xs:simpleType>
+          </xs:attribute>
+
+          <xs:attribute name="SeedLength" use="required">
+            <xs:simpleType>
+              <xs:restriction base="xs:integer">
+                <xs:minInclusive value="64"/>
+              </xs:restriction>
+            </xs:simpleType>
+          </xs:attribute>
+
+          <xs:attribute name="DeviceInHand" use="required">
+            <xs:simpleType>
+              <xs:restriction base="booleanType">
+                <xs:enumeration value="true"/>
+              </xs:restriction>
+            </xs:simpleType>
+          </xs:attribute>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
+</xs:schema>
diff --git a/schemas/saml-schema-authn-context-types-2.0.xsd b/schemas/saml-schema-authn-context-types-2.0.xsd
index 6ae1875..8513959 100644
--- a/schemas/saml-schema-authn-context-types-2.0.xsd
+++ b/schemas/saml-schema-authn-context-types-2.0.xsd
@@ -1,821 +1,821 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xs:schema 
-  xmlns:xs="http://www.w3.org/2001/XMLSchema"
-  elementFormDefault="qualified"
-  version="2.0">
-
-  <xs:annotation>
-    <xs:documentation>
-      Document identifier: saml-schema-authn-context-types-2.0
-      Location: http://docs.oasis-open.org/security/saml/v2.0/
-      Revision history:
-          V2.0 (March, 2005):
-          New core authentication context schema types for SAML V2.0. 
-    </xs:documentation>
-  </xs:annotation>
-
-  <xs:element name="AuthenticationContextDeclaration" type="AuthnContextDeclarationBaseType">
-    <xs:annotation>
-      <xs:documentation>
-        A particular assertion on an identity
-        provider's part with respect to the authentication
-        context associated with an authentication assertion.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="Identification" type="IdentificationType">
-    <xs:annotation>
-      <xs:documentation>
-        Refers to those characteristics that describe the
-        processes and mechanisms
-        the Authentication Authority uses to initially create
-        an association between a Principal
-        and the identity (or name) by which the Principal will
-        be known
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="PhysicalVerification">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that identification has been
-        performed in a physical
-        face-to-face meeting with the principal and not in an
-        online manner.
-      </xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:attribute name="credentialLevel">
-        <xs:simpleType>
-          <xs:restriction base="xs:NMTOKEN">
-            <xs:enumeration value="primary"/>
-            <xs:enumeration value="secondary"/>
-          </xs:restriction>
-        </xs:simpleType>
-      </xs:attribute>
-    </xs:complexType>
-  </xs:element>
-
-  <xs:element name="WrittenConsent" type="ExtensionOnlyType"/>
-
-  <xs:element name="TechnicalProtection" type="TechnicalProtectionBaseType">
-    <xs:annotation>
-      <xs:documentation>
-        Refers to those characterstics that describe how the
-        'secret' (the knowledge or possession
-        of which allows the Principal to authenticate to the
-        Authentication Authority) is kept secure
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="SecretKeyProtection" type="SecretKeyProtectionType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates the types and strengths of
-        facilities
-        of a UA used to protect a shared secret key from
-        unauthorized access and/or use.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="PrivateKeyProtection" type="PrivateKeyProtectionType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates the types and strengths of
-        facilities
-        of a UA used to protect a private key from
-        unauthorized access and/or use.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="KeyActivation" type="KeyActivationType">
-    <xs:annotation>
-      <xs:documentation>The actions that must be performed
-        before the private key can be used. </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="KeySharing" type="KeySharingType">
-    <xs:annotation>
-      <xs:documentation>Whether or not the private key is shared
-        with the certificate authority.</xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="KeyStorage" type="KeyStorageType">
-    <xs:annotation>
-      <xs:documentation>
-        In which medium is the key stored.
-        memory - the key is stored in memory.
-        smartcard - the key is stored in a smartcard.
-        token - the key is stored in a hardware token.
-        MobileDevice - the key is stored in a mobile device.
-        MobileAuthCard - the key is stored in a mobile
-        authentication card.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="SubscriberLineNumber" type="ExtensionOnlyType"/>
-  <xs:element name="UserSuffix" type="ExtensionOnlyType"/>
-
-  <xs:element name="Password" type="PasswordType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that a password (or passphrase)
-        has been used to
-        authenticate the Principal to a remote system.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="ActivationPin" type="ActivationPinType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that a Pin (Personal
-        Identification Number) has been used to authenticate the Principal to
-        some local system in order to activate a key.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="Token" type="TokenType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that a hardware or software
-        token is used
-        as a method of identifying the Principal.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="TimeSyncToken" type="TimeSyncTokenType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that a time synchronization
-        token is used to identify the Principal. hardware -
-        the time synchonization
-        token has been implemented in hardware. software - the
-        time synchronization
-        token has been implemented in software. SeedLength -
-        the length, in bits, of the
-        random seed used in the time synchronization token.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="Smartcard" type="ExtensionOnlyType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that a smartcard is used to
-        identity the Principal.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="Length" type="LengthType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates the minimum and/or maximum
-        ASCII length of the password which is enforced (by the UA or the
-        IdP). In other words, this is the minimum and/or maximum number of
-        ASCII characters required to represent a valid password.
-        min - the minimum number of ASCII characters required
-        in a valid password, as enforced by the UA or the IdP.
-        max - the maximum number of ASCII characters required
-        in a valid password, as enforced by the UA or the IdP.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="ActivationLimit" type="ActivationLimitType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates the length of time for which an
-        PIN-based authentication is valid.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="Generation">
-    <xs:annotation>
-      <xs:documentation>
-        Indicates whether the password was chosen by the
-        Principal or auto-supplied by the Authentication Authority.
-        principalchosen - the Principal is allowed to choose
-        the value of the password. This is true even if
-        the initial password is chosen at random by the UA or
-        the IdP and the Principal is then free to change
-        the password.
-        automatic - the password is chosen by the UA or the
-        IdP to be cryptographically strong in some sense,
-        or to satisfy certain password rules, and that the
-        Principal is not free to change it or to choose a new password.
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType>
-      <xs:attribute name="mechanism" use="required">
-        <xs:simpleType>
-          <xs:restriction base="xs:NMTOKEN">
-            <xs:enumeration value="principalchosen"/>
-            <xs:enumeration value="automatic"/>
-          </xs:restriction>
-        </xs:simpleType>
-      </xs:attribute>
-    </xs:complexType>
-  </xs:element>
-
-  <xs:element name="AuthnMethod" type="AuthnMethodBaseType">
-    <xs:annotation>
-      <xs:documentation>
-        Refers to those characteristics that define the
-        mechanisms by which the Principal authenticates to the Authentication
-        Authority.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="PrincipalAuthenticationMechanism" type="PrincipalAuthenticationMechanismType">
-    <xs:annotation>
-      <xs:documentation>
-        The method that a Principal employs to perform
-        authentication to local system components.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="Authenticator" type="AuthenticatorBaseType">
-    <xs:annotation>
-      <xs:documentation>
-        The method applied to validate a principal's
-        authentication across a network
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="ComplexAuthenticator" type="ComplexAuthenticatorType">
-    <xs:annotation>
-      <xs:documentation>
-        Supports Authenticators with nested combinations of
-        additional complexity.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="PreviousSession" type="ExtensionOnlyType">
-    <xs:annotation>
-      <xs:documentation>
-        Indicates that the Principal has been strongly
-        authenticated in a previous session during which the IdP has set a
-        cookie in the UA. During the present session the Principal has only
-        been authenticated by the UA returning the cookie to the IdP.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="ResumeSession" type="ExtensionOnlyType">
-    <xs:annotation>
-      <xs:documentation>
-        Rather like PreviousSession but using stronger
-        security. A secret that was established in a previous session with
-        the Authentication Authority has been cached by the local system and
-        is now re-used (e.g. a Master Secret is used to derive new session
-        keys in TLS, SSL, WTLS).
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="ZeroKnowledge" type="ExtensionOnlyType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that the Principal has been
-        authenticated by a zero knowledge technique as specified in ISO/IEC
-        9798-5.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="SharedSecretChallengeResponse" type="SharedSecretChallengeResponseType"/>
-
-  <xs:complexType name="SharedSecretChallengeResponseType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that the Principal has been
-        authenticated by a challenge-response protocol utilizing shared secret
-        keys and symmetric cryptography.
-      </xs:documentation>
-    </xs:annotation>
-    <xs:sequence>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-    <xs:attribute name="method" type="xs:anyURI" use="optional"/>
-  </xs:complexType>
-
-  <xs:element name="DigSig" type="PublicKeyType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that the Principal has been
-        authenticated by a mechanism which involves the Principal computing a
-        digital signature over at least challenge data provided by the IdP.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="AsymmetricDecryption" type="PublicKeyType">
-    <xs:annotation>
-      <xs:documentation>
-        The local system has a private key but it is used
-        in decryption mode, rather than signature mode. For example, the
-        Authentication Authority generates a secret and encrypts it using the
-        local system's public key: the local system then proves it has
-        decrypted the secret.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="AsymmetricKeyAgreement" type="PublicKeyType">
-    <xs:annotation>
-      <xs:documentation>
-        The local system has a private key and uses it for
-        shared secret key agreement with the Authentication Authority (e.g.
-        via Diffie Helman).
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:complexType name="PublicKeyType">
-    <xs:sequence>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-    <xs:attribute name="keyValidation" use="optional"/>
-  </xs:complexType>
-
-  <xs:element name="IPAddress" type="ExtensionOnlyType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that the Principal has been
-        authenticated through connection from a particular IP address.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="SharedSecretDynamicPlaintext" type="ExtensionOnlyType">
-    <xs:annotation>
-      <xs:documentation>
-        The local system and Authentication Authority
-        share a secret key. The local system uses this to encrypt a
-        randomised string to pass to the Authentication Authority.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="AuthenticatorTransportProtocol" type="AuthenticatorTransportProtocolType">
-    <xs:annotation>
-      <xs:documentation>
-        The protocol across which Authenticator information is
-        transferred to an Authentication Authority verifier.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="HTTP" type="ExtensionOnlyType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that the Authenticator has been
-        transmitted using bare HTTP utilizing no additional security
-        protocols.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="IPSec" type="ExtensionOnlyType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that the Authenticator has been
-        transmitted using a transport mechanism protected by an IPSEC session.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-  
-  <xs:element name="WTLS" type="ExtensionOnlyType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that the Authenticator has been
-        transmitted using a transport mechanism protected by a WTLS session.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="MobileNetworkNoEncryption" type="ExtensionOnlyType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that the Authenticator has been
-        transmitted solely across a mobile network using no additional
-        security mechanism.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="MobileNetworkRadioEncryption" type="ExtensionOnlyType"/>
-  <xs:element name="MobileNetworkEndToEndEncryption" type="ExtensionOnlyType"/>
-
-  <xs:element name="SSL" type="ExtensionOnlyType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that the Authenticator has been
-        transmitted using a transport mechnanism protected by an SSL or TLS
-        session.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-  
-  <xs:element name="PSTN" type="ExtensionOnlyType"/>
-  <xs:element name="ISDN" type="ExtensionOnlyType"/>
-  <xs:element name="ADSL" type="ExtensionOnlyType"/>
-
-  <xs:element name="OperationalProtection" type="OperationalProtectionType">
-    <xs:annotation>
-      <xs:documentation>
-        Refers to those characteristics that describe
-        procedural security controls employed by the Authentication Authority.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="SecurityAudit" type="SecurityAuditType"/>
-  <xs:element name="SwitchAudit" type="ExtensionOnlyType"/>
-  <xs:element name="DeactivationCallCenter" type="ExtensionOnlyType"/>
-
-  <xs:element name="GoverningAgreements" type="GoverningAgreementsType">
-    <xs:annotation>
-      <xs:documentation>
-        Provides a mechanism for linking to external (likely
-        human readable) documents in which additional business agreements,
-        (e.g. liability constraints, obligations, etc) can be placed.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-
-  <xs:element name="GoverningAgreementRef" type="GoverningAgreementRefType"/>
-
-  <xs:simpleType name="nymType">
-    <xs:restriction base="xs:NMTOKEN">
-      <xs:enumeration value="anonymity"/>
-      <xs:enumeration value="verinymity"/>
-      <xs:enumeration value="pseudonymity"/>
-    </xs:restriction>
-  </xs:simpleType>
-
-  <xs:complexType name="AuthnContextDeclarationBaseType">
-    <xs:sequence>
-      <xs:element ref="Identification" minOccurs="0"/>
-      <xs:element ref="TechnicalProtection" minOccurs="0"/>
-      <xs:element ref="OperationalProtection" minOccurs="0"/>
-      <xs:element ref="AuthnMethod" minOccurs="0"/>
-      <xs:element ref="GoverningAgreements" minOccurs="0"/>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-    <xs:attribute name="ID" type="xs:ID" use="optional"/>
-  </xs:complexType>
-  
-  <xs:complexType name="IdentificationType">
-    <xs:sequence>
-      <xs:element ref="PhysicalVerification" minOccurs="0"/>
-      <xs:element ref="WrittenConsent" minOccurs="0"/>
-      <xs:element ref="GoverningAgreements" minOccurs="0"/>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-    <xs:attribute name="nym" type="nymType">
-      <xs:annotation>
-        <xs:documentation>
-          This attribute indicates whether or not the
-          Identification mechanisms allow the actions of the Principal to be
-          linked to an actual end user.
-        </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:complexType>
-
-  <xs:complexType name="TechnicalProtectionBaseType">
-    <xs:sequence>
-      <xs:choice minOccurs="0">
-        <xs:element ref="PrivateKeyProtection"/>
-        <xs:element ref="SecretKeyProtection"/>
-      </xs:choice>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-  </xs:complexType>
-
-  <xs:complexType name="OperationalProtectionType">
-    <xs:sequence>
-      <xs:element ref="SecurityAudit" minOccurs="0"/>
-      <xs:element ref="DeactivationCallCenter" minOccurs="0"/>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-  </xs:complexType>
-
-  <xs:complexType name="AuthnMethodBaseType">
-    <xs:sequence>
-      <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
-      <xs:element ref="Authenticator" minOccurs="0"/>
-      <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-  </xs:complexType>
-
-  <xs:complexType name="GoverningAgreementsType">
-    <xs:sequence>
-      <xs:element ref="GoverningAgreementRef" maxOccurs="unbounded"/>
-    </xs:sequence>
-  </xs:complexType>
-
-  <xs:complexType name="GoverningAgreementRefType">
-    <xs:attribute name="governingAgreementRef" type="xs:anyURI" use="required"/>
-  </xs:complexType>
-
-  <xs:complexType name="PrincipalAuthenticationMechanismType">
-    <xs:sequence>
-      <xs:element ref="Password" minOccurs="0"/>
-      <xs:element ref="RestrictedPassword" minOccurs="0"/>
-      <xs:element ref="Token" minOccurs="0"/>
-      <xs:element ref="Smartcard" minOccurs="0"/>
-      <xs:element ref="ActivationPin" minOccurs="0"/>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-    <xs:attribute name="preauth" type="xs:integer" use="optional"/>
-  </xs:complexType>
-  
-  <xs:group name="AuthenticatorChoiceGroup">
-    <xs:choice>
-      <xs:element ref="PreviousSession"/>
-      <xs:element ref="ResumeSession"/>
-      <xs:element ref="DigSig"/>
-      <xs:element ref="Password"/>
-      <xs:element ref="RestrictedPassword"/>
-      <xs:element ref="ZeroKnowledge"/>
-      <xs:element ref="SharedSecretChallengeResponse"/>
-      <xs:element ref="SharedSecretDynamicPlaintext"/>
-      <xs:element ref="IPAddress"/>
-      <xs:element ref="AsymmetricDecryption"/>
-      <xs:element ref="AsymmetricKeyAgreement"/>
-      <xs:element ref="SubscriberLineNumber"/>
-      <xs:element ref="UserSuffix"/>
-      <xs:element ref="ComplexAuthenticator"/>
-    </xs:choice>
-  </xs:group>
-  
-  <xs:group name="AuthenticatorSequenceGroup">
-    <xs:sequence>
-      <xs:element ref="PreviousSession" minOccurs="0"/>
-      <xs:element ref="ResumeSession" minOccurs="0"/>
-      <xs:element ref="DigSig" minOccurs="0"/>
-      <xs:element ref="Password" minOccurs="0"/>
-      <xs:element ref="RestrictedPassword" minOccurs="0"/>
-      <xs:element ref="ZeroKnowledge" minOccurs="0"/>
-      <xs:element ref="SharedSecretChallengeResponse" minOccurs="0"/>
-      <xs:element ref="SharedSecretDynamicPlaintext" minOccurs="0"/>
-      <xs:element ref="IPAddress" minOccurs="0"/>
-      <xs:element ref="AsymmetricDecryption" minOccurs="0"/>
-      <xs:element ref="AsymmetricKeyAgreement" minOccurs="0"/>
-      <xs:element ref="SubscriberLineNumber" minOccurs="0"/>
-      <xs:element ref="UserSuffix" minOccurs="0"/>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-  </xs:group>
-
-  <xs:complexType name="AuthenticatorBaseType">
-    <xs:sequence>
-      <xs:group ref="AuthenticatorChoiceGroup"/>
-      <xs:group ref="AuthenticatorSequenceGroup"/>
-    </xs:sequence>
-  </xs:complexType>
-  
-  <xs:complexType name="ComplexAuthenticatorType">
-    <xs:sequence>
-      <xs:group ref="AuthenticatorChoiceGroup"/>
-      <xs:group ref="AuthenticatorSequenceGroup"/>
-    </xs:sequence>
-  </xs:complexType>
-  
-  <xs:complexType name="AuthenticatorTransportProtocolType">
-    <xs:sequence>
-      <xs:choice minOccurs="0">
-        <xs:element ref="HTTP"/>
-        <xs:element ref="SSL"/>
-        <xs:element ref="MobileNetworkNoEncryption"/>
-        <xs:element ref="MobileNetworkRadioEncryption"/>
-        <xs:element ref="MobileNetworkEndToEndEncryption"/>
-        <xs:element ref="WTLS"/>
-        <xs:element ref="IPSec"/>
-        <xs:element ref="PSTN"/>
-        <xs:element ref="ISDN"/>
-        <xs:element ref="ADSL"/>
-      </xs:choice>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-  </xs:complexType>
-
-  <xs:complexType name="KeyActivationType">
-    <xs:sequence>
-      <xs:element ref="ActivationPin" minOccurs="0"/>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-  </xs:complexType>
-
-  <xs:complexType name="KeySharingType">
-    <xs:attribute name="sharing" type="xs:boolean" use="required"/>
-  </xs:complexType>
-
-  <xs:complexType name="PrivateKeyProtectionType">
-    <xs:sequence>
-      <xs:element ref="KeyActivation" minOccurs="0"/>
-      <xs:element ref="KeyStorage" minOccurs="0"/>
-      <xs:element ref="KeySharing" minOccurs="0"/>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-  </xs:complexType>
-
-  <xs:complexType name="PasswordType">
-    <xs:sequence>
-      <xs:element ref="Length" minOccurs="0"/>
-      <xs:element ref="Alphabet" minOccurs="0"/>
-      <xs:element ref="Generation" minOccurs="0"/>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-    <xs:attribute name="ExternalVerification" type="xs:anyURI" use="optional"/>
-  </xs:complexType>
-
-  <xs:element name="RestrictedPassword" type="RestrictedPasswordType"/>
-
-  <xs:complexType name="RestrictedPasswordType">
-    <xs:complexContent>
-      <xs:restriction base="PasswordType">
-        <xs:sequence>
-          <xs:element name="Length" type="RestrictedLengthType" minOccurs="1"/>
-          <xs:element ref="Generation" minOccurs="0"/>
-          <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-        </xs:sequence>
-        <xs:attribute name="ExternalVerification" type="xs:anyURI" use="optional"/>
-      </xs:restriction>
-    </xs:complexContent>
-  </xs:complexType>
-  
-  <xs:complexType name="RestrictedLengthType">
-    <xs:complexContent>
-      <xs:restriction base="LengthType">
-        <xs:attribute name="min" use="required">
-          <xs:simpleType>
-            <xs:restriction base="xs:integer">
-              <xs:minInclusive value="3"/>
-            </xs:restriction>
-          </xs:simpleType>
-        </xs:attribute>
-        <xs:attribute name="max" type="xs:integer" use="optional"/>
-      </xs:restriction>
-    </xs:complexContent>
-  </xs:complexType>
-
-  <xs:complexType name="ActivationPinType">
-    <xs:sequence>
-      <xs:element ref="Length" minOccurs="0"/>
-      <xs:element ref="Alphabet" minOccurs="0"/>
-      <xs:element ref="Generation" minOccurs="0"/>
-      <xs:element ref="ActivationLimit" minOccurs="0"/>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-  </xs:complexType>
-  
-  <xs:element name="Alphabet" type="AlphabetType"/>
-  <xs:complexType name="AlphabetType">
-    <xs:attribute name="requiredChars" type="xs:string" use="required"/>
-    <xs:attribute name="excludedChars" type="xs:string" use="optional"/>
-    <xs:attribute name="case" type="xs:string" use="optional"/>
-  </xs:complexType>
-  
-  <xs:complexType name="TokenType">
-    <xs:sequence>
-      <xs:element ref="TimeSyncToken"/>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-  </xs:complexType>
-  
-  <xs:simpleType name="DeviceTypeType">
-    <xs:restriction base="xs:NMTOKEN">
-      <xs:enumeration value="hardware"/>
-      <xs:enumeration value="software"/>
-    </xs:restriction>
-  </xs:simpleType>
-  
-  <xs:simpleType name="booleanType">
-    <xs:restriction base="xs:NMTOKEN">
-      <xs:enumeration value="true"/>
-      <xs:enumeration value="false"/>
-    </xs:restriction>
-  </xs:simpleType>
-  
-  <xs:complexType name="TimeSyncTokenType">
-    <xs:attribute name="DeviceType" type="DeviceTypeType" use="required"/>
-    <xs:attribute name="SeedLength" type="xs:integer" use="required"/>
-    <xs:attribute name="DeviceInHand" type="booleanType" use="required"/>
-  </xs:complexType>
-  
-  <xs:complexType name="ActivationLimitType">
-    <xs:choice>
-      <xs:element ref="ActivationLimitDuration"/>
-      <xs:element ref="ActivationLimitUsages"/>
-      <xs:element ref="ActivationLimitSession"/>
-    </xs:choice>
-  </xs:complexType>
-  
-  <xs:element name="ActivationLimitDuration" type="ActivationLimitDurationType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that the Key Activation Limit is
-        defined as a specific duration of time.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-  
-  <xs:element name="ActivationLimitUsages" type="ActivationLimitUsagesType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that the Key Activation Limit is
-        defined as a number of usages.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-  
-  <xs:element name="ActivationLimitSession" type="ActivationLimitSessionType">
-    <xs:annotation>
-      <xs:documentation>
-        This element indicates that the Key Activation Limit is
-        the session.
-      </xs:documentation>
-    </xs:annotation>
-  </xs:element>
-  
-  <xs:complexType name="ActivationLimitDurationType">
-    <xs:attribute name="duration" type="xs:duration" use="required"/>
-  </xs:complexType>
-  
-  <xs:complexType name="ActivationLimitUsagesType">
-    <xs:attribute name="number" type="xs:integer" use="required"/>
-  </xs:complexType>
-  
-  <xs:complexType name="ActivationLimitSessionType"/>
-  
-  <xs:complexType name="LengthType">
-    <xs:attribute name="min" type="xs:integer" use="required"/>
-    <xs:attribute name="max" type="xs:integer" use="optional"/>
-  </xs:complexType>
-
-  <xs:simpleType name="mediumType">
-    <xs:restriction base="xs:NMTOKEN">
-      <xs:enumeration value="memory"/>
-      <xs:enumeration value="smartcard"/>
-      <xs:enumeration value="token"/>
-      <xs:enumeration value="MobileDevice"/>
-      <xs:enumeration value="MobileAuthCard"/>
-    </xs:restriction>
-  </xs:simpleType>
-
-  <xs:complexType name="KeyStorageType">
-    <xs:attribute name="medium" type="mediumType" use="required"/>
-  </xs:complexType>
-
-  <xs:complexType name="SecretKeyProtectionType">
-    <xs:sequence>
-      <xs:element ref="KeyActivation" minOccurs="0"/>
-      <xs:element ref="KeyStorage" minOccurs="0"/>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-  </xs:complexType>
-
-  <xs:complexType name="SecurityAuditType">
-    <xs:sequence>
-      <xs:element ref="SwitchAudit" minOccurs="0"/>
-      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-    </xs:sequence>
-  </xs:complexType>
-
-  <xs:complexType name="ExtensionOnlyType">
-    <xs:sequence>
-      <xs:element ref="Extension" minOccurs="0"  maxOccurs="unbounded"/>
-    </xs:sequence>
-  </xs:complexType>
-  
-  <xs:element name="Extension" type="ExtensionType"/>
-
-  <xs:complexType name="ExtensionType">
-    <xs:sequence>
-      <xs:any namespace="##other" processContents="lax" maxOccurs="unbounded"/>
-    </xs:sequence>
-  </xs:complexType>
-
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema 
+  xmlns:xs="http://www.w3.org/2001/XMLSchema"
+  elementFormDefault="qualified"
+  version="2.0">
+
+  <xs:annotation>
+    <xs:documentation>
+      Document identifier: saml-schema-authn-context-types-2.0
+      Location: http://docs.oasis-open.org/security/saml/v2.0/
+      Revision history:
+          V2.0 (March, 2005):
+          New core authentication context schema types for SAML V2.0. 
+    </xs:documentation>
+  </xs:annotation>
+
+  <xs:element name="AuthenticationContextDeclaration" type="AuthnContextDeclarationBaseType">
+    <xs:annotation>
+      <xs:documentation>
+        A particular assertion on an identity
+        provider's part with respect to the authentication
+        context associated with an authentication assertion.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="Identification" type="IdentificationType">
+    <xs:annotation>
+      <xs:documentation>
+        Refers to those characteristics that describe the
+        processes and mechanisms
+        the Authentication Authority uses to initially create
+        an association between a Principal
+        and the identity (or name) by which the Principal will
+        be known
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="PhysicalVerification">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that identification has been
+        performed in a physical
+        face-to-face meeting with the principal and not in an
+        online manner.
+      </xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:attribute name="credentialLevel">
+        <xs:simpleType>
+          <xs:restriction base="xs:NMTOKEN">
+            <xs:enumeration value="primary"/>
+            <xs:enumeration value="secondary"/>
+          </xs:restriction>
+        </xs:simpleType>
+      </xs:attribute>
+    </xs:complexType>
+  </xs:element>
+
+  <xs:element name="WrittenConsent" type="ExtensionOnlyType"/>
+
+  <xs:element name="TechnicalProtection" type="TechnicalProtectionBaseType">
+    <xs:annotation>
+      <xs:documentation>
+        Refers to those characterstics that describe how the
+        'secret' (the knowledge or possession
+        of which allows the Principal to authenticate to the
+        Authentication Authority) is kept secure
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="SecretKeyProtection" type="SecretKeyProtectionType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates the types and strengths of
+        facilities
+        of a UA used to protect a shared secret key from
+        unauthorized access and/or use.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="PrivateKeyProtection" type="PrivateKeyProtectionType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates the types and strengths of
+        facilities
+        of a UA used to protect a private key from
+        unauthorized access and/or use.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="KeyActivation" type="KeyActivationType">
+    <xs:annotation>
+      <xs:documentation>The actions that must be performed
+        before the private key can be used. </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="KeySharing" type="KeySharingType">
+    <xs:annotation>
+      <xs:documentation>Whether or not the private key is shared
+        with the certificate authority.</xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="KeyStorage" type="KeyStorageType">
+    <xs:annotation>
+      <xs:documentation>
+        In which medium is the key stored.
+        memory - the key is stored in memory.
+        smartcard - the key is stored in a smartcard.
+        token - the key is stored in a hardware token.
+        MobileDevice - the key is stored in a mobile device.
+        MobileAuthCard - the key is stored in a mobile
+        authentication card.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="SubscriberLineNumber" type="ExtensionOnlyType"/>
+  <xs:element name="UserSuffix" type="ExtensionOnlyType"/>
+
+  <xs:element name="Password" type="PasswordType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that a password (or passphrase)
+        has been used to
+        authenticate the Principal to a remote system.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="ActivationPin" type="ActivationPinType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that a Pin (Personal
+        Identification Number) has been used to authenticate the Principal to
+        some local system in order to activate a key.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="Token" type="TokenType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that a hardware or software
+        token is used
+        as a method of identifying the Principal.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="TimeSyncToken" type="TimeSyncTokenType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that a time synchronization
+        token is used to identify the Principal. hardware -
+        the time synchonization
+        token has been implemented in hardware. software - the
+        time synchronization
+        token has been implemented in software. SeedLength -
+        the length, in bits, of the
+        random seed used in the time synchronization token.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="Smartcard" type="ExtensionOnlyType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that a smartcard is used to
+        identity the Principal.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="Length" type="LengthType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates the minimum and/or maximum
+        ASCII length of the password which is enforced (by the UA or the
+        IdP). In other words, this is the minimum and/or maximum number of
+        ASCII characters required to represent a valid password.
+        min - the minimum number of ASCII characters required
+        in a valid password, as enforced by the UA or the IdP.
+        max - the maximum number of ASCII characters required
+        in a valid password, as enforced by the UA or the IdP.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="ActivationLimit" type="ActivationLimitType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates the length of time for which an
+        PIN-based authentication is valid.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="Generation">
+    <xs:annotation>
+      <xs:documentation>
+        Indicates whether the password was chosen by the
+        Principal or auto-supplied by the Authentication Authority.
+        principalchosen - the Principal is allowed to choose
+        the value of the password. This is true even if
+        the initial password is chosen at random by the UA or
+        the IdP and the Principal is then free to change
+        the password.
+        automatic - the password is chosen by the UA or the
+        IdP to be cryptographically strong in some sense,
+        or to satisfy certain password rules, and that the
+        Principal is not free to change it or to choose a new password.
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType>
+      <xs:attribute name="mechanism" use="required">
+        <xs:simpleType>
+          <xs:restriction base="xs:NMTOKEN">
+            <xs:enumeration value="principalchosen"/>
+            <xs:enumeration value="automatic"/>
+          </xs:restriction>
+        </xs:simpleType>
+      </xs:attribute>
+    </xs:complexType>
+  </xs:element>
+
+  <xs:element name="AuthnMethod" type="AuthnMethodBaseType">
+    <xs:annotation>
+      <xs:documentation>
+        Refers to those characteristics that define the
+        mechanisms by which the Principal authenticates to the Authentication
+        Authority.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="PrincipalAuthenticationMechanism" type="PrincipalAuthenticationMechanismType">
+    <xs:annotation>
+      <xs:documentation>
+        The method that a Principal employs to perform
+        authentication to local system components.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="Authenticator" type="AuthenticatorBaseType">
+    <xs:annotation>
+      <xs:documentation>
+        The method applied to validate a principal's
+        authentication across a network
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="ComplexAuthenticator" type="ComplexAuthenticatorType">
+    <xs:annotation>
+      <xs:documentation>
+        Supports Authenticators with nested combinations of
+        additional complexity.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="PreviousSession" type="ExtensionOnlyType">
+    <xs:annotation>
+      <xs:documentation>
+        Indicates that the Principal has been strongly
+        authenticated in a previous session during which the IdP has set a
+        cookie in the UA. During the present session the Principal has only
+        been authenticated by the UA returning the cookie to the IdP.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="ResumeSession" type="ExtensionOnlyType">
+    <xs:annotation>
+      <xs:documentation>
+        Rather like PreviousSession but using stronger
+        security. A secret that was established in a previous session with
+        the Authentication Authority has been cached by the local system and
+        is now re-used (e.g. a Master Secret is used to derive new session
+        keys in TLS, SSL, WTLS).
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="ZeroKnowledge" type="ExtensionOnlyType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that the Principal has been
+        authenticated by a zero knowledge technique as specified in ISO/IEC
+        9798-5.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="SharedSecretChallengeResponse" type="SharedSecretChallengeResponseType"/>
+
+  <xs:complexType name="SharedSecretChallengeResponseType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that the Principal has been
+        authenticated by a challenge-response protocol utilizing shared secret
+        keys and symmetric cryptography.
+      </xs:documentation>
+    </xs:annotation>
+    <xs:sequence>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+    <xs:attribute name="method" type="xs:anyURI" use="optional"/>
+  </xs:complexType>
+
+  <xs:element name="DigSig" type="PublicKeyType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that the Principal has been
+        authenticated by a mechanism which involves the Principal computing a
+        digital signature over at least challenge data provided by the IdP.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="AsymmetricDecryption" type="PublicKeyType">
+    <xs:annotation>
+      <xs:documentation>
+        The local system has a private key but it is used
+        in decryption mode, rather than signature mode. For example, the
+        Authentication Authority generates a secret and encrypts it using the
+        local system's public key: the local system then proves it has
+        decrypted the secret.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="AsymmetricKeyAgreement" type="PublicKeyType">
+    <xs:annotation>
+      <xs:documentation>
+        The local system has a private key and uses it for
+        shared secret key agreement with the Authentication Authority (e.g.
+        via Diffie Helman).
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:complexType name="PublicKeyType">
+    <xs:sequence>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+    <xs:attribute name="keyValidation" use="optional"/>
+  </xs:complexType>
+
+  <xs:element name="IPAddress" type="ExtensionOnlyType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that the Principal has been
+        authenticated through connection from a particular IP address.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="SharedSecretDynamicPlaintext" type="ExtensionOnlyType">
+    <xs:annotation>
+      <xs:documentation>
+        The local system and Authentication Authority
+        share a secret key. The local system uses this to encrypt a
+        randomised string to pass to the Authentication Authority.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="AuthenticatorTransportProtocol" type="AuthenticatorTransportProtocolType">
+    <xs:annotation>
+      <xs:documentation>
+        The protocol across which Authenticator information is
+        transferred to an Authentication Authority verifier.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="HTTP" type="ExtensionOnlyType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that the Authenticator has been
+        transmitted using bare HTTP utilizing no additional security
+        protocols.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="IPSec" type="ExtensionOnlyType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that the Authenticator has been
+        transmitted using a transport mechanism protected by an IPSEC session.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+  
+  <xs:element name="WTLS" type="ExtensionOnlyType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that the Authenticator has been
+        transmitted using a transport mechanism protected by a WTLS session.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="MobileNetworkNoEncryption" type="ExtensionOnlyType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that the Authenticator has been
+        transmitted solely across a mobile network using no additional
+        security mechanism.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="MobileNetworkRadioEncryption" type="ExtensionOnlyType"/>
+  <xs:element name="MobileNetworkEndToEndEncryption" type="ExtensionOnlyType"/>
+
+  <xs:element name="SSL" type="ExtensionOnlyType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that the Authenticator has been
+        transmitted using a transport mechnanism protected by an SSL or TLS
+        session.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+  
+  <xs:element name="PSTN" type="ExtensionOnlyType"/>
+  <xs:element name="ISDN" type="ExtensionOnlyType"/>
+  <xs:element name="ADSL" type="ExtensionOnlyType"/>
+
+  <xs:element name="OperationalProtection" type="OperationalProtectionType">
+    <xs:annotation>
+      <xs:documentation>
+        Refers to those characteristics that describe
+        procedural security controls employed by the Authentication Authority.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="SecurityAudit" type="SecurityAuditType"/>
+  <xs:element name="SwitchAudit" type="ExtensionOnlyType"/>
+  <xs:element name="DeactivationCallCenter" type="ExtensionOnlyType"/>
+
+  <xs:element name="GoverningAgreements" type="GoverningAgreementsType">
+    <xs:annotation>
+      <xs:documentation>
+        Provides a mechanism for linking to external (likely
+        human readable) documents in which additional business agreements,
+        (e.g. liability constraints, obligations, etc) can be placed.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+
+  <xs:element name="GoverningAgreementRef" type="GoverningAgreementRefType"/>
+
+  <xs:simpleType name="nymType">
+    <xs:restriction base="xs:NMTOKEN">
+      <xs:enumeration value="anonymity"/>
+      <xs:enumeration value="verinymity"/>
+      <xs:enumeration value="pseudonymity"/>
+    </xs:restriction>
+  </xs:simpleType>
+
+  <xs:complexType name="AuthnContextDeclarationBaseType">
+    <xs:sequence>
+      <xs:element ref="Identification" minOccurs="0"/>
+      <xs:element ref="TechnicalProtection" minOccurs="0"/>
+      <xs:element ref="OperationalProtection" minOccurs="0"/>
+      <xs:element ref="AuthnMethod" minOccurs="0"/>
+      <xs:element ref="GoverningAgreements" minOccurs="0"/>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+    <xs:attribute name="ID" type="xs:ID" use="optional"/>
+  </xs:complexType>
+  
+  <xs:complexType name="IdentificationType">
+    <xs:sequence>
+      <xs:element ref="PhysicalVerification" minOccurs="0"/>
+      <xs:element ref="WrittenConsent" minOccurs="0"/>
+      <xs:element ref="GoverningAgreements" minOccurs="0"/>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+    <xs:attribute name="nym" type="nymType">
+      <xs:annotation>
+        <xs:documentation>
+          This attribute indicates whether or not the
+          Identification mechanisms allow the actions of the Principal to be
+          linked to an actual end user.
+        </xs:documentation>
+      </xs:annotation>
+    </xs:attribute>
+  </xs:complexType>
+
+  <xs:complexType name="TechnicalProtectionBaseType">
+    <xs:sequence>
+      <xs:choice minOccurs="0">
+        <xs:element ref="PrivateKeyProtection"/>
+        <xs:element ref="SecretKeyProtection"/>
+      </xs:choice>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:complexType name="OperationalProtectionType">
+    <xs:sequence>
+      <xs:element ref="SecurityAudit" minOccurs="0"/>
+      <xs:element ref="DeactivationCallCenter" minOccurs="0"/>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:complexType name="AuthnMethodBaseType">
+    <xs:sequence>
+      <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
+      <xs:element ref="Authenticator" minOccurs="0"/>
+      <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:complexType name="GoverningAgreementsType">
+    <xs:sequence>
+      <xs:element ref="GoverningAgreementRef" maxOccurs="unbounded"/>
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:complexType name="GoverningAgreementRefType">
+    <xs:attribute name="governingAgreementRef" type="xs:anyURI" use="required"/>
+  </xs:complexType>
+
+  <xs:complexType name="PrincipalAuthenticationMechanismType">
+    <xs:sequence>
+      <xs:element ref="Password" minOccurs="0"/>
+      <xs:element ref="RestrictedPassword" minOccurs="0"/>
+      <xs:element ref="Token" minOccurs="0"/>
+      <xs:element ref="Smartcard" minOccurs="0"/>
+      <xs:element ref="ActivationPin" minOccurs="0"/>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+    <xs:attribute name="preauth" type="xs:integer" use="optional"/>
+  </xs:complexType>
+  
+  <xs:group name="AuthenticatorChoiceGroup">
+    <xs:choice>
+      <xs:element ref="PreviousSession"/>
+      <xs:element ref="ResumeSession"/>
+      <xs:element ref="DigSig"/>
+      <xs:element ref="Password"/>
+      <xs:element ref="RestrictedPassword"/>
+      <xs:element ref="ZeroKnowledge"/>
+      <xs:element ref="SharedSecretChallengeResponse"/>
+      <xs:element ref="SharedSecretDynamicPlaintext"/>
+      <xs:element ref="IPAddress"/>
+      <xs:element ref="AsymmetricDecryption"/>
+      <xs:element ref="AsymmetricKeyAgreement"/>
+      <xs:element ref="SubscriberLineNumber"/>
+      <xs:element ref="UserSuffix"/>
+      <xs:element ref="ComplexAuthenticator"/>
+    </xs:choice>
+  </xs:group>
+  
+  <xs:group name="AuthenticatorSequenceGroup">
+    <xs:sequence>
+      <xs:element ref="PreviousSession" minOccurs="0"/>
+      <xs:element ref="ResumeSession" minOccurs="0"/>
+      <xs:element ref="DigSig" minOccurs="0"/>
+      <xs:element ref="Password" minOccurs="0"/>
+      <xs:element ref="RestrictedPassword" minOccurs="0"/>
+      <xs:element ref="ZeroKnowledge" minOccurs="0"/>
+      <xs:element ref="SharedSecretChallengeResponse" minOccurs="0"/>
+      <xs:element ref="SharedSecretDynamicPlaintext" minOccurs="0"/>
+      <xs:element ref="IPAddress" minOccurs="0"/>
+      <xs:element ref="AsymmetricDecryption" minOccurs="0"/>
+      <xs:element ref="AsymmetricKeyAgreement" minOccurs="0"/>
+      <xs:element ref="SubscriberLineNumber" minOccurs="0"/>
+      <xs:element ref="UserSuffix" minOccurs="0"/>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+  </xs:group>
+
+  <xs:complexType name="AuthenticatorBaseType">
+    <xs:sequence>
+      <xs:group ref="AuthenticatorChoiceGroup"/>
+      <xs:group ref="AuthenticatorSequenceGroup"/>
+    </xs:sequence>
+  </xs:complexType>
+  
+  <xs:complexType name="ComplexAuthenticatorType">
+    <xs:sequence>
+      <xs:group ref="AuthenticatorChoiceGroup"/>
+      <xs:group ref="AuthenticatorSequenceGroup"/>
+    </xs:sequence>
+  </xs:complexType>
+  
+  <xs:complexType name="AuthenticatorTransportProtocolType">
+    <xs:sequence>
+      <xs:choice minOccurs="0">
+        <xs:element ref="HTTP"/>
+        <xs:element ref="SSL"/>
+        <xs:element ref="MobileNetworkNoEncryption"/>
+        <xs:element ref="MobileNetworkRadioEncryption"/>
+        <xs:element ref="MobileNetworkEndToEndEncryption"/>
+        <xs:element ref="WTLS"/>
+        <xs:element ref="IPSec"/>
+        <xs:element ref="PSTN"/>
+        <xs:element ref="ISDN"/>
+        <xs:element ref="ADSL"/>
+      </xs:choice>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:complexType name="KeyActivationType">
+    <xs:sequence>
+      <xs:element ref="ActivationPin" minOccurs="0"/>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:complexType name="KeySharingType">
+    <xs:attribute name="sharing" type="xs:boolean" use="required"/>
+  </xs:complexType>
+
+  <xs:complexType name="PrivateKeyProtectionType">
+    <xs:sequence>
+      <xs:element ref="KeyActivation" minOccurs="0"/>
+      <xs:element ref="KeyStorage" minOccurs="0"/>
+      <xs:element ref="KeySharing" minOccurs="0"/>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:complexType name="PasswordType">
+    <xs:sequence>
+      <xs:element ref="Length" minOccurs="0"/>
+      <xs:element ref="Alphabet" minOccurs="0"/>
+      <xs:element ref="Generation" minOccurs="0"/>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+    <xs:attribute name="ExternalVerification" type="xs:anyURI" use="optional"/>
+  </xs:complexType>
+
+  <xs:element name="RestrictedPassword" type="RestrictedPasswordType"/>
+
+  <xs:complexType name="RestrictedPasswordType">
+    <xs:complexContent>
+      <xs:restriction base="PasswordType">
+        <xs:sequence>
+          <xs:element name="Length" type="RestrictedLengthType" minOccurs="1"/>
+          <xs:element ref="Generation" minOccurs="0"/>
+          <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+        </xs:sequence>
+        <xs:attribute name="ExternalVerification" type="xs:anyURI" use="optional"/>
+      </xs:restriction>
+    </xs:complexContent>
+  </xs:complexType>
+  
+  <xs:complexType name="RestrictedLengthType">
+    <xs:complexContent>
+      <xs:restriction base="LengthType">
+        <xs:attribute name="min" use="required">
+          <xs:simpleType>
+            <xs:restriction base="xs:integer">
+              <xs:minInclusive value="3"/>
+            </xs:restriction>
+          </xs:simpleType>
+        </xs:attribute>
+        <xs:attribute name="max" type="xs:integer" use="optional"/>
+      </xs:restriction>
+    </xs:complexContent>
+  </xs:complexType>
+
+  <xs:complexType name="ActivationPinType">
+    <xs:sequence>
+      <xs:element ref="Length" minOccurs="0"/>
+      <xs:element ref="Alphabet" minOccurs="0"/>
+      <xs:element ref="Generation" minOccurs="0"/>
+      <xs:element ref="ActivationLimit" minOccurs="0"/>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+  </xs:complexType>
+  
+  <xs:element name="Alphabet" type="AlphabetType"/>
+  <xs:complexType name="AlphabetType">
+    <xs:attribute name="requiredChars" type="xs:string" use="required"/>
+    <xs:attribute name="excludedChars" type="xs:string" use="optional"/>
+    <xs:attribute name="case" type="xs:string" use="optional"/>
+  </xs:complexType>
+  
+  <xs:complexType name="TokenType">
+    <xs:sequence>
+      <xs:element ref="TimeSyncToken"/>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+  </xs:complexType>
+  
+  <xs:simpleType name="DeviceTypeType">
+    <xs:restriction base="xs:NMTOKEN">
+      <xs:enumeration value="hardware"/>
+      <xs:enumeration value="software"/>
+    </xs:restriction>
+  </xs:simpleType>
+  
+  <xs:simpleType name="booleanType">
+    <xs:restriction base="xs:NMTOKEN">
+      <xs:enumeration value="true"/>
+      <xs:enumeration value="false"/>
+    </xs:restriction>
+  </xs:simpleType>
+  
+  <xs:complexType name="TimeSyncTokenType">
+    <xs:attribute name="DeviceType" type="DeviceTypeType" use="required"/>
+    <xs:attribute name="SeedLength" type="xs:integer" use="required"/>
+    <xs:attribute name="DeviceInHand" type="booleanType" use="required"/>
+  </xs:complexType>
+  
+  <xs:complexType name="ActivationLimitType">
+    <xs:choice>
+      <xs:element ref="ActivationLimitDuration"/>
+      <xs:element ref="ActivationLimitUsages"/>
+      <xs:element ref="ActivationLimitSession"/>
+    </xs:choice>
+  </xs:complexType>
+  
+  <xs:element name="ActivationLimitDuration" type="ActivationLimitDurationType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that the Key Activation Limit is
+        defined as a specific duration of time.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+  
+  <xs:element name="ActivationLimitUsages" type="ActivationLimitUsagesType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that the Key Activation Limit is
+        defined as a number of usages.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+  
+  <xs:element name="ActivationLimitSession" type="ActivationLimitSessionType">
+    <xs:annotation>
+      <xs:documentation>
+        This element indicates that the Key Activation Limit is
+        the session.
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+  
+  <xs:complexType name="ActivationLimitDurationType">
+    <xs:attribute name="duration" type="xs:duration" use="required"/>
+  </xs:complexType>
+  
+  <xs:complexType name="ActivationLimitUsagesType">
+    <xs:attribute name="number" type="xs:integer" use="required"/>
+  </xs:complexType>
+  
+  <xs:complexType name="ActivationLimitSessionType"/>
+  
+  <xs:complexType name="LengthType">
+    <xs:attribute name="min" type="xs:integer" use="required"/>
+    <xs:attribute name="max" type="xs:integer" use="optional"/>
+  </xs:complexType>
+
+  <xs:simpleType name="mediumType">
+    <xs:restriction base="xs:NMTOKEN">
+      <xs:enumeration value="memory"/>
+      <xs:enumeration value="smartcard"/>
+      <xs:enumeration value="token"/>
+      <xs:enumeration value="MobileDevice"/>
+      <xs:enumeration value="MobileAuthCard"/>
+    </xs:restriction>
+  </xs:simpleType>
+
+  <xs:complexType name="KeyStorageType">
+    <xs:attribute name="medium" type="mediumType" use="required"/>
+  </xs:complexType>
+
+  <xs:complexType name="SecretKeyProtectionType">
+    <xs:sequence>
+      <xs:element ref="KeyActivation" minOccurs="0"/>
+      <xs:element ref="KeyStorage" minOccurs="0"/>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:complexType name="SecurityAuditType">
+    <xs:sequence>
+      <xs:element ref="SwitchAudit" minOccurs="0"/>
+      <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:complexType name="ExtensionOnlyType">
+    <xs:sequence>
+      <xs:element ref="Extension" minOccurs="0"  maxOccurs="unbounded"/>
+    </xs:sequence>
+  </xs:complexType>
+  
+  <xs:element name="Extension" type="ExtensionType"/>
+
+  <xs:complexType name="ExtensionType">
+    <xs:sequence>
+      <xs:any namespace="##other" processContents="lax" maxOccurs="unbounded"/>
+    </xs:sequence>
+  </xs:complexType>
+
+</xs:schema>
diff --git a/schemas/saml-schema-authn-context-x509-2.0.xsd b/schemas/saml-schema-authn-context-x509-2.0.xsd
index 7ea725f..ce4bd65 100644
--- a/schemas/saml-schema-authn-context-x509-2.0.xsd
+++ b/schemas/saml-schema-authn-context-x509-2.0.xsd
@@ -1,83 +1,83 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:X509"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:X509"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:X509
-        Document identifier: saml-schema-authn-context-x509-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>    
-    
-    <xs:complexType name="PrincipalAuthenticationMechanismType">
-      <xs:complexContent>
-        <xs:restriction base="PrincipalAuthenticationMechanismType">
-          <xs:sequence>
-            <xs:element ref="RestrictedPassword"/>
-          </xs:sequence>
-          <xs:attribute name="preauth" type="xs:integer" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-    
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="DigSig"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="PublicKeyType">
-      <xs:complexContent>
-        <xs:restriction base="PublicKeyType">
-          <xs:attribute name="keyValidation" type="xs:anyURI" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:X509"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:X509"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:X509"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:X509
+        Document identifier: saml-schema-authn-context-x509-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>    
+    
+    <xs:complexType name="PrincipalAuthenticationMechanismType">
+      <xs:complexContent>
+        <xs:restriction base="PrincipalAuthenticationMechanismType">
+          <xs:sequence>
+            <xs:element ref="RestrictedPassword"/>
+          </xs:sequence>
+          <xs:attribute name="preauth" type="xs:integer" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+    
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="DigSig"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="PublicKeyType">
+      <xs:complexContent>
+        <xs:restriction base="PublicKeyType">
+          <xs:attribute name="keyValidation" type="xs:anyURI" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:X509"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
+</xs:schema>
diff --git a/schemas/saml-schema-authn-context-xmldsig-2.0.xsd b/schemas/saml-schema-authn-context-xmldsig-2.0.xsd
index 2616411..61fe0ac 100644
--- a/schemas/saml-schema-authn-context-xmldsig-2.0.xsd
+++ b/schemas/saml-schema-authn-context-xmldsig-2.0.xsd
@@ -1,83 +1,83 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig"
-  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
-  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig"
-  finalDefault="extension"
-  blockDefault="substitution"
-  version="2.0">
-
-  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
-    <xs:annotation>
-      <xs:documentation> 
-        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig
-        Document identifier: saml-schema-authn-context-xmldsig-2.0
-        Location: http://docs.oasis-open.org/security/saml/v2.0/
-        Revision history:
-          V2.0 (March, 2005):
-            New authentication context class schema for SAML V2.0. 
-      </xs:documentation>
-    </xs:annotation>
-
-    <xs:complexType name="AuthnContextDeclarationBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnContextDeclarationBaseType">
-          <xs:sequence>
-            <xs:element ref="Identification" minOccurs="0"/>
-            <xs:element ref="TechnicalProtection" minOccurs="0"/>
-            <xs:element ref="OperationalProtection" minOccurs="0"/>
-            <xs:element ref="AuthnMethod"/>
-            <xs:element ref="GoverningAgreements" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-          <xs:attribute name="ID" type="xs:ID" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthnMethodBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthnMethodBaseType">
-          <xs:sequence>
-            <xs:element ref="PrincipalAuthenticationMechanism"/>
-            <xs:element ref="Authenticator"/>
-            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
-            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>    
-    
-    <xs:complexType name="PrincipalAuthenticationMechanismType">
-      <xs:complexContent>
-        <xs:restriction base="PrincipalAuthenticationMechanismType">
-          <xs:sequence>
-            <xs:element ref="RestrictedPassword"/>
-          </xs:sequence>
-          <xs:attribute name="preauth" type="xs:integer" use="optional"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="AuthenticatorBaseType">
-      <xs:complexContent>
-        <xs:restriction base="AuthenticatorBaseType">
-          <xs:sequence>
-            <xs:element ref="DigSig"/>
-          </xs:sequence>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-    <xs:complexType name="PublicKeyType">
-      <xs:complexContent>
-        <xs:restriction base="PublicKeyType">
-          <xs:attribute name="keyValidation" type="xs:anyURI" fixed="urn:ietf:rfc:3075"/>
-        </xs:restriction>
-      </xs:complexContent>
-    </xs:complexType>
-
-  </xs:redefine>
-
-</xs:schema>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig"
+  finalDefault="extension"
+  blockDefault="substitution"
+  version="2.0">
+
+  <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
+
+    <xs:annotation>
+      <xs:documentation> 
+        Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig
+        Document identifier: saml-schema-authn-context-xmldsig-2.0
+        Location: http://docs.oasis-open.org/security/saml/v2.0/
+        Revision history:
+          V2.0 (March, 2005):
+            New authentication context class schema for SAML V2.0. 
+      </xs:documentation>
+    </xs:annotation>
+
+    <xs:complexType name="AuthnContextDeclarationBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnContextDeclarationBaseType">
+          <xs:sequence>
+            <xs:element ref="Identification" minOccurs="0"/>
+            <xs:element ref="TechnicalProtection" minOccurs="0"/>
+            <xs:element ref="OperationalProtection" minOccurs="0"/>
+            <xs:element ref="AuthnMethod"/>
+            <xs:element ref="GoverningAgreements" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+          <xs:attribute name="ID" type="xs:ID" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthnMethodBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthnMethodBaseType">
+          <xs:sequence>
+            <xs:element ref="PrincipalAuthenticationMechanism"/>
+            <xs:element ref="Authenticator"/>
+            <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
+            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>    
+    
+    <xs:complexType name="PrincipalAuthenticationMechanismType">
+      <xs:complexContent>
+        <xs:restriction base="PrincipalAuthenticationMechanismType">
+          <xs:sequence>
+            <xs:element ref="RestrictedPassword"/>
+          </xs:sequence>
+          <xs:attribute name="preauth" type="xs:integer" use="optional"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="AuthenticatorBaseType">
+      <xs:complexContent>
+        <xs:restriction base="AuthenticatorBaseType">
+          <xs:sequence>
+            <xs:element ref="DigSig"/>
+          </xs:sequence>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+    <xs:complexType name="PublicKeyType">
+      <xs:complexContent>
+        <xs:restriction base="PublicKeyType">
+          <xs:attribute name="keyValidation" type="xs:anyURI" fixed="urn:ietf:rfc:3075"/>
+        </xs:restriction>
+      </xs:complexContent>
+    </xs:complexType>
+
+  </xs:redefine>
+
+</xs:schema>
diff --git a/schemas/saml-schema-dce-2.0.xsd b/schemas/saml-schema-dce-2.0.xsd
index 719dfe9..e89be86 100644
--- a/schemas/saml-schema-dce-2.0.xsd
+++ b/schemas/saml-schema-dce-2.0.xsd
@@ -1,29 +1,29 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema targetNamespace="urn:oasis:names:tc:SAML:2.0:profiles:attribute:DCE"
-    xmlns:dce="urn:oasis:names:tc:SAML:2.0:profiles:attribute:DCE"
-    xmlns="http://www.w3.org/2001/XMLSchema"
-    elementFormDefault="unqualified"
-    attributeFormDefault="unqualified"
-    blockDefault="substitution"
-    version="2.0">
-    <annotation>
-        <documentation>
-            Document identifier: saml-schema-dce-2.0
-            Location: http://docs.oasis-open.org/security/saml/v2.0/
-            Revision history:
-            V2.0 (March, 2005):
-                Custom schema for DCE attribute profile, first published in SAML 2.0.
-        </documentation>
-    </annotation>
-    <complexType name="DCEValueType">
-        <simpleContent>
-            <extension base="anyURI">
-                <attribute ref="dce:Realm" use="optional"/>
-                <attribute ref="dce:FriendlyName" use="optional"/>
-            </extension>
-        </simpleContent>
-    </complexType>
-    <attribute name="Realm" type="anyURI"/>
-    <attribute name="FriendlyName" type="string"/>
-</schema>
-
+<?xml version="1.0" encoding="UTF-8"?>
+<schema targetNamespace="urn:oasis:names:tc:SAML:2.0:profiles:attribute:DCE"
+    xmlns:dce="urn:oasis:names:tc:SAML:2.0:profiles:attribute:DCE"
+    xmlns="http://www.w3.org/2001/XMLSchema"
+    elementFormDefault="unqualified"
+    attributeFormDefault="unqualified"
+    blockDefault="substitution"
+    version="2.0">
+    <annotation>
+        <documentation>
+            Document identifier: saml-schema-dce-2.0
+            Location: http://docs.oasis-open.org/security/saml/v2.0/
+            Revision history:
+            V2.0 (March, 2005):
+                Custom schema for DCE attribute profile, first published in SAML 2.0.
+        </documentation>
+    </annotation>
+    <complexType name="DCEValueType">
+        <simpleContent>
+            <extension base="anyURI">
+                <attribute ref="dce:Realm" use="optional"/>
+                <attribute ref="dce:FriendlyName" use="optional"/>
+            </extension>
+        </simpleContent>
+    </complexType>
+    <attribute name="Realm" type="anyURI"/>
+    <attribute name="FriendlyName" type="string"/>
+</schema>
+
diff --git a/schemas/saml-schema-ecp-2.0.xsd b/schemas/saml-schema-ecp-2.0.xsd
index 9eb457b..e3f24b9 100644
--- a/schemas/saml-schema-ecp-2.0.xsd
+++ b/schemas/saml-schema-ecp-2.0.xsd
@@ -1,57 +1,57 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema
-    targetNamespace="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"
-    xmlns="http://www.w3.org/2001/XMLSchema"
-    xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"
-    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
-    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
-    xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"
-    elementFormDefault="unqualified"
-    attributeFormDefault="unqualified"
-    blockDefault="substitution"
-    version="2.0">
-    <import namespace="urn:oasis:names:tc:SAML:2.0:protocol"
-        schemaLocation="saml-schema-protocol-2.0.xsd"/>
-    <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
-        schemaLocation="saml-schema-assertion-2.0.xsd"/>
-    <import namespace="http://schemas.xmlsoap.org/soap/envelope/"
-        schemaLocation="http://schemas.xmlsoap.org/soap/envelope/"/>
-    <annotation>
-        <documentation>
-            Document identifier: saml-schema-ecp-2.0
-            Location: http://docs.oasis-open.org/security/saml/v2.0/
-            Revision history:
-              V2.0 (March, 2005):
-                Custom schema for ECP profile, first published in SAML 2.0.
-        </documentation>
-    </annotation>
-
-    <element name="Request" type="ecp:RequestType"/>
-    <complexType name="RequestType">
-        <sequence>
-            <element ref="saml:Issuer"/>
-            <element ref="samlp:IDPList" minOccurs="0"/>
-        </sequence>
-        <attribute ref="S:mustUnderstand" use="required"/>
-        <attribute ref="S:actor" use="required"/>
-        <attribute name="ProviderName" type="string" use="optional"/>
-        <attribute name="IsPassive" type="boolean" use="optional"/>
-    </complexType>
-    
-    <element name="Response" type="ecp:ResponseType"/>
-    <complexType name="ResponseType">
-        <attribute ref="S:mustUnderstand" use="required"/>
-        <attribute ref="S:actor" use="required"/>
-        <attribute name="AssertionConsumerServiceURL" type="anyURI" use="required"/>
-    </complexType>
-    
-    <element name="RelayState" type="ecp:RelayStateType"/>
-    <complexType name="RelayStateType">
-        <simpleContent>
-            <extension base="string">
-                <attribute ref="S:mustUnderstand" use="required"/>
-                <attribute ref="S:actor" use="required"/>
-            </extension>
-        </simpleContent>
-    </complexType>
-</schema>
+<?xml version="1.0" encoding="UTF-8"?>
+<schema
+    targetNamespace="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"
+    xmlns="http://www.w3.org/2001/XMLSchema"
+    xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"
+    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+    xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"
+    elementFormDefault="unqualified"
+    attributeFormDefault="unqualified"
+    blockDefault="substitution"
+    version="2.0">
+    <import namespace="urn:oasis:names:tc:SAML:2.0:protocol"
+        schemaLocation="saml-schema-protocol-2.0.xsd"/>
+    <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
+        schemaLocation="saml-schema-assertion-2.0.xsd"/>
+    <import namespace="http://schemas.xmlsoap.org/soap/envelope/"
+        schemaLocation="http://schemas.xmlsoap.org/soap/envelope/"/>
+    <annotation>
+        <documentation>
+            Document identifier: saml-schema-ecp-2.0
+            Location: http://docs.oasis-open.org/security/saml/v2.0/
+            Revision history:
+              V2.0 (March, 2005):
+                Custom schema for ECP profile, first published in SAML 2.0.
+        </documentation>
+    </annotation>
+
+    <element name="Request" type="ecp:RequestType"/>
+    <complexType name="RequestType">
+        <sequence>
+            <element ref="saml:Issuer"/>
+            <element ref="samlp:IDPList" minOccurs="0"/>
+        </sequence>
+        <attribute ref="S:mustUnderstand" use="required"/>
+        <attribute ref="S:actor" use="required"/>
+        <attribute name="ProviderName" type="string" use="optional"/>
+        <attribute name="IsPassive" type="boolean" use="optional"/>
+    </complexType>
+    
+    <element name="Response" type="ecp:ResponseType"/>
+    <complexType name="ResponseType">
+        <attribute ref="S:mustUnderstand" use="required"/>
+        <attribute ref="S:actor" use="required"/>
+        <attribute name="AssertionConsumerServiceURL" type="anyURI" use="required"/>
+    </complexType>
+    
+    <element name="RelayState" type="ecp:RelayStateType"/>
+    <complexType name="RelayStateType">
+        <simpleContent>
+            <extension base="string">
+                <attribute ref="S:mustUnderstand" use="required"/>
+                <attribute ref="S:actor" use="required"/>
+            </extension>
+        </simpleContent>
+    </complexType>
+</schema>
diff --git a/schemas/saml-schema-metadata-2.0.xsd b/schemas/saml-schema-metadata-2.0.xsd
index 0d158c0..923b598 100644
--- a/schemas/saml-schema-metadata-2.0.xsd
+++ b/schemas/saml-schema-metadata-2.0.xsd
@@ -1,337 +1,337 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema
-    targetNamespace="urn:oasis:names:tc:SAML:2.0:metadata"
-    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
-    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
-    xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
-    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
-    xmlns="http://www.w3.org/2001/XMLSchema"
-    elementFormDefault="unqualified"
-    attributeFormDefault="unqualified"
-    blockDefault="substitution"
-    version="2.0">
-    <import namespace="http://www.w3.org/2000/09/xmldsig#"
-        schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
-    <import namespace="http://www.w3.org/2001/04/xmlenc#"
-        schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>
-    <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
-        schemaLocation="saml-schema-assertion-2.0.xsd"/>
-    <import namespace="http://www.w3.org/XML/1998/namespace"
-        schemaLocation="http://www.w3.org/2001/xml.xsd"/>
-    <annotation>
-        <documentation>
-            Document identifier: saml-schema-metadata-2.0
-            Location: http://docs.oasis-open.org/security/saml/v2.0/
-            Revision history:
-              V2.0 (March, 2005):
-                Schema for SAML metadata, first published in SAML 2.0.
-        </documentation>
-    </annotation>
-
-    <simpleType name="entityIDType">
-        <restriction base="anyURI">
-            <maxLength value="1024"/>
-        </restriction>
-    </simpleType>
-    <complexType name="localizedNameType">
-        <simpleContent>
-            <extension base="string">
-                <attribute ref="xml:lang" use="required"/>
-            </extension>
-        </simpleContent>
-    </complexType>
-    <complexType name="localizedURIType">
-        <simpleContent>
-            <extension base="anyURI">
-                <attribute ref="xml:lang" use="required"/>
-            </extension>
-        </simpleContent>
-    </complexType>
-    
-    <element name="Extensions" type="md:ExtensionsType"/>
-    <complexType final="#all" name="ExtensionsType">
-        <sequence>
-            <any namespace="##other" processContents="lax" maxOccurs="unbounded"/>
-        </sequence>
-    </complexType>
-    
-    <complexType name="EndpointType">
-        <sequence>
-            <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-        <attribute name="Binding" type="anyURI" use="required"/>
-        <attribute name="Location" type="anyURI" use="required"/>
-        <attribute name="ResponseLocation" type="anyURI" use="optional"/>
-        <anyAttribute namespace="##other" processContents="lax"/>
-    </complexType>
-    
-    <complexType name="IndexedEndpointType">
-        <complexContent>
-            <extension base="md:EndpointType">
-                <attribute name="index" type="unsignedShort" use="required"/>
-                <attribute name="isDefault" type="boolean" use="optional"/>
-            </extension>
-        </complexContent>
-    </complexType>
-    
-    <element name="EntitiesDescriptor" type="md:EntitiesDescriptorType"/>
-    <complexType name="EntitiesDescriptorType">
-        <sequence>
-            <element ref="ds:Signature" minOccurs="0"/>
-            <element ref="md:Extensions" minOccurs="0"/>
-            <choice minOccurs="1" maxOccurs="unbounded">
-                <element ref="md:EntityDescriptor"/>
-                <element ref="md:EntitiesDescriptor"/>
-            </choice>
-        </sequence>
-        <attribute name="validUntil" type="dateTime" use="optional"/>
-        <attribute name="cacheDuration" type="duration" use="optional"/>
-        <attribute name="ID" type="ID" use="optional"/>
-        <attribute name="Name" type="string" use="optional"/>
-    </complexType>
-
-    <element name="EntityDescriptor" type="md:EntityDescriptorType"/>
-    <complexType name="EntityDescriptorType">
-        <sequence>
-            <element ref="ds:Signature" minOccurs="0"/>
-            <element ref="md:Extensions" minOccurs="0"/>
-            <choice>
-                <choice maxOccurs="unbounded">
-                    <element ref="md:RoleDescriptor"/>
-                    <element ref="md:IDPSSODescriptor"/>
-                    <element ref="md:SPSSODescriptor"/>
-                    <element ref="md:AuthnAuthorityDescriptor"/>
-                    <element ref="md:AttributeAuthorityDescriptor"/>
-                    <element ref="md:PDPDescriptor"/>
-                </choice>
-                <element ref="md:AffiliationDescriptor"/>
-            </choice>
-            <element ref="md:Organization" minOccurs="0"/>
-            <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded"/>
-            <element ref="md:AdditionalMetadataLocation" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-        <attribute name="entityID" type="md:entityIDType" use="required"/>
-        <attribute name="validUntil" type="dateTime" use="optional"/>
-        <attribute name="cacheDuration" type="duration" use="optional"/>
-        <attribute name="ID" type="ID" use="optional"/>
-        <anyAttribute namespace="##other" processContents="lax"/>
-    </complexType>
-    
-    <element name="Organization" type="md:OrganizationType"/>
-    <complexType name="OrganizationType">
-        <sequence>
-            <element ref="md:Extensions" minOccurs="0"/>
-            <element ref="md:OrganizationName" maxOccurs="unbounded"/>
-            <element ref="md:OrganizationDisplayName" maxOccurs="unbounded"/>
-            <element ref="md:OrganizationURL" maxOccurs="unbounded"/>
-        </sequence>
-        <anyAttribute namespace="##other" processContents="lax"/>
-    </complexType>
-    <element name="OrganizationName" type="md:localizedNameType"/>
-    <element name="OrganizationDisplayName" type="md:localizedNameType"/>
-    <element name="OrganizationURL" type="md:localizedURIType"/>
-    <element name="ContactPerson" type="md:ContactType"/>
-    <complexType name="ContactType">
-        <sequence>
-            <element ref="md:Extensions" minOccurs="0"/>
-            <element ref="md:Company" minOccurs="0"/>
-            <element ref="md:GivenName" minOccurs="0"/>
-            <element ref="md:SurName" minOccurs="0"/>
-            <element ref="md:EmailAddress" minOccurs="0" maxOccurs="unbounded"/>
-            <element ref="md:TelephoneNumber" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-        <attribute name="contactType" type="md:ContactTypeType" use="required"/>
-        <anyAttribute namespace="##other" processContents="lax"/>
-    </complexType>
-    <element name="Company" type="string"/>
-    <element name="GivenName" type="string"/>
-    <element name="SurName" type="string"/>
-    <element name="EmailAddress" type="anyURI"/>
-    <element name="TelephoneNumber" type="string"/>
-    <simpleType name="ContactTypeType">
-        <restriction base="string">
-            <enumeration value="technical"/>
-            <enumeration value="support"/>
-            <enumeration value="administrative"/>
-            <enumeration value="billing"/>
-            <enumeration value="other"/>
-        </restriction>
-    </simpleType>
-
-    <element name="AdditionalMetadataLocation" type="md:AdditionalMetadataLocationType"/>
-    <complexType name="AdditionalMetadataLocationType">
-        <simpleContent>
-            <extension base="anyURI">
-                <attribute name="namespace" type="anyURI" use="required"/>
-            </extension>
-        </simpleContent>
-    </complexType>
-
-    <element name="RoleDescriptor" type="md:RoleDescriptorType"/>
-    <complexType name="RoleDescriptorType" abstract="true">
-        <sequence>
-            <element ref="ds:Signature" minOccurs="0"/>
-            <element ref="md:Extensions" minOccurs="0"/>
-            <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded"/>
-            <element ref="md:Organization" minOccurs="0"/>
-            <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-        <attribute name="ID" type="ID" use="optional"/>
-        <attribute name="validUntil" type="dateTime" use="optional"/>
-        <attribute name="cacheDuration" type="duration" use="optional"/>
-        <attribute name="protocolSupportEnumeration" type="md:anyURIListType" use="required"/>
-        <attribute name="errorURL" type="anyURI" use="optional"/>
-        <anyAttribute namespace="##other" processContents="lax"/>
-    </complexType>
-    <simpleType name="anyURIListType">
-        <list itemType="anyURI"/>
-    </simpleType>
-
-    <element name="KeyDescriptor" type="md:KeyDescriptorType"/>
-    <complexType name="KeyDescriptorType">
-        <sequence>
-            <element ref="ds:KeyInfo"/>
-            <element ref="md:EncryptionMethod" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-        <attribute name="use" type="md:KeyTypes" use="optional"/>
-    </complexType>
-    <simpleType name="KeyTypes">
-        <restriction base="string">
-            <enumeration value="encryption"/>
-            <enumeration value="signing"/>
-        </restriction>
-    </simpleType>
-    <element name="EncryptionMethod" type="xenc:EncryptionMethodType"/>
-    
-    <complexType name="SSODescriptorType" abstract="true">
-        <complexContent>
-            <extension base="md:RoleDescriptorType">
-                <sequence>
-                    <element ref="md:ArtifactResolutionService" minOccurs="0" maxOccurs="unbounded"/>
-                    <element ref="md:SingleLogoutService" minOccurs="0" maxOccurs="unbounded"/>
-                    <element ref="md:ManageNameIDService" minOccurs="0" maxOccurs="unbounded"/>
-                    <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
-                </sequence>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="ArtifactResolutionService" type="md:IndexedEndpointType"/>
-    <element name="SingleLogoutService" type="md:EndpointType"/>
-    <element name="ManageNameIDService" type="md:EndpointType"/>
-    <element name="NameIDFormat" type="anyURI"/>
-
-    <element name="IDPSSODescriptor" type="md:IDPSSODescriptorType"/>
-    <complexType name="IDPSSODescriptorType">
-        <complexContent>
-            <extension base="md:SSODescriptorType">
-                <sequence>
-                    <element ref="md:SingleSignOnService" maxOccurs="unbounded"/>
-                    <element ref="md:NameIDMappingService" minOccurs="0" maxOccurs="unbounded"/>
-                    <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
-                    <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/>
-                    <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
-                </sequence>
-                <attribute name="WantAuthnRequestsSigned" type="boolean" use="optional"/>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="SingleSignOnService" type="md:EndpointType"/>
-    <element name="NameIDMappingService" type="md:EndpointType"/>
-    <element name="AssertionIDRequestService" type="md:EndpointType"/>
-    <element name="AttributeProfile" type="anyURI"/>
-    
-    <element name="SPSSODescriptor" type="md:SPSSODescriptorType"/>
-    <complexType name="SPSSODescriptorType">
-        <complexContent>
-            <extension base="md:SSODescriptorType">
-                <sequence>
-                    <element ref="md:AssertionConsumerService" maxOccurs="unbounded"/>
-                    <element ref="md:AttributeConsumingService" minOccurs="0" maxOccurs="unbounded"/>
-                </sequence>
-                <attribute name="AuthnRequestsSigned" type="boolean" use="optional"/>
-                <attribute name="WantAssertionsSigned" type="boolean" use="optional"/>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="AssertionConsumerService" type="md:IndexedEndpointType"/>
-    <element name="AttributeConsumingService" type="md:AttributeConsumingServiceType"/>
-    <complexType name="AttributeConsumingServiceType">
-        <sequence>
-            <element ref="md:ServiceName" maxOccurs="unbounded"/>
-            <element ref="md:ServiceDescription" minOccurs="0" maxOccurs="unbounded"/>
-            <element ref="md:RequestedAttribute" maxOccurs="unbounded"/>
-        </sequence>
-        <attribute name="index" type="unsignedShort" use="required"/>
-        <attribute name="isDefault" type="boolean" use="optional"/>
-    </complexType>
-    <element name="ServiceName" type="md:localizedNameType"/>
-    <element name="ServiceDescription" type="md:localizedNameType"/>
-    <element name="RequestedAttribute" type="md:RequestedAttributeType"/>
-    <complexType name="RequestedAttributeType">
-        <complexContent>
-            <extension base="saml:AttributeType">
-                <attribute name="isRequired" type="boolean" use="optional"/>
-            </extension>
-        </complexContent>
-    </complexType>
-  
-    <element name="AuthnAuthorityDescriptor" type="md:AuthnAuthorityDescriptorType"/>
-    <complexType name="AuthnAuthorityDescriptorType">
-        <complexContent>
-            <extension base="md:RoleDescriptorType">
-                <sequence>
-                    <element ref="md:AuthnQueryService" maxOccurs="unbounded"/>
-                    <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
-                    <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
-                </sequence>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="AuthnQueryService" type="md:EndpointType"/>
-
-    <element name="PDPDescriptor" type="md:PDPDescriptorType"/>
-    <complexType name="PDPDescriptorType">
-        <complexContent>
-            <extension base="md:RoleDescriptorType">
-                <sequence>
-                    <element ref="md:AuthzService" maxOccurs="unbounded"/>
-                    <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
-                    <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
-                </sequence>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="AuthzService" type="md:EndpointType"/>
-
-    <element name="AttributeAuthorityDescriptor" type="md:AttributeAuthorityDescriptorType"/>
-    <complexType name="AttributeAuthorityDescriptorType">
-        <complexContent>
-            <extension base="md:RoleDescriptorType">
-                <sequence>
-                    <element ref="md:AttributeService" maxOccurs="unbounded"/>
-                    <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
-                    <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
-                    <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/>
-                    <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
-                </sequence>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="AttributeService" type="md:EndpointType"/>
-   
-    <element name="AffiliationDescriptor" type="md:AffiliationDescriptorType"/>
-    <complexType name="AffiliationDescriptorType">
-        <sequence>
-            <element ref="ds:Signature" minOccurs="0"/>
-            <element ref="md:Extensions" minOccurs="0"/>
-            <element ref="md:AffiliateMember" maxOccurs="unbounded"/>
-            <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-        <attribute name="affiliationOwnerID" type="md:entityIDType" use="required"/>
-        <attribute name="validUntil" type="dateTime" use="optional"/>
-        <attribute name="cacheDuration" type="duration" use="optional"/>
-        <attribute name="ID" type="ID" use="optional"/>
-        <anyAttribute namespace="##other" processContents="lax"/>
-    </complexType>
-    <element name="AffiliateMember" type="md:entityIDType"/>
-</schema>
+<?xml version="1.0" encoding="UTF-8"?>
+<schema
+    targetNamespace="urn:oasis:names:tc:SAML:2.0:metadata"
+    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
+    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+    xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
+    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+    xmlns="http://www.w3.org/2001/XMLSchema"
+    elementFormDefault="unqualified"
+    attributeFormDefault="unqualified"
+    blockDefault="substitution"
+    version="2.0">
+    <import namespace="http://www.w3.org/2000/09/xmldsig#"
+        schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
+    <import namespace="http://www.w3.org/2001/04/xmlenc#"
+        schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>
+    <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
+        schemaLocation="saml-schema-assertion-2.0.xsd"/>
+    <import namespace="http://www.w3.org/XML/1998/namespace"
+        schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+    <annotation>
+        <documentation>
+            Document identifier: saml-schema-metadata-2.0
+            Location: http://docs.oasis-open.org/security/saml/v2.0/
+            Revision history:
+              V2.0 (March, 2005):
+                Schema for SAML metadata, first published in SAML 2.0.
+        </documentation>
+    </annotation>
+
+    <simpleType name="entityIDType">
+        <restriction base="anyURI">
+            <maxLength value="1024"/>
+        </restriction>
+    </simpleType>
+    <complexType name="localizedNameType">
+        <simpleContent>
+            <extension base="string">
+                <attribute ref="xml:lang" use="required"/>
+            </extension>
+        </simpleContent>
+    </complexType>
+    <complexType name="localizedURIType">
+        <simpleContent>
+            <extension base="anyURI">
+                <attribute ref="xml:lang" use="required"/>
+            </extension>
+        </simpleContent>
+    </complexType>
+    
+    <element name="Extensions" type="md:ExtensionsType"/>
+    <complexType final="#all" name="ExtensionsType">
+        <sequence>
+            <any namespace="##other" processContents="lax" maxOccurs="unbounded"/>
+        </sequence>
+    </complexType>
+    
+    <complexType name="EndpointType">
+        <sequence>
+            <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
+        <attribute name="Binding" type="anyURI" use="required"/>
+        <attribute name="Location" type="anyURI" use="required"/>
+        <attribute name="ResponseLocation" type="anyURI" use="optional"/>
+        <anyAttribute namespace="##other" processContents="lax"/>
+    </complexType>
+    
+    <complexType name="IndexedEndpointType">
+        <complexContent>
+            <extension base="md:EndpointType">
+                <attribute name="index" type="unsignedShort" use="required"/>
+                <attribute name="isDefault" type="boolean" use="optional"/>
+            </extension>
+        </complexContent>
+    </complexType>
+    
+    <element name="EntitiesDescriptor" type="md:EntitiesDescriptorType"/>
+    <complexType name="EntitiesDescriptorType">
+        <sequence>
+            <element ref="ds:Signature" minOccurs="0"/>
+            <element ref="md:Extensions" minOccurs="0"/>
+            <choice minOccurs="1" maxOccurs="unbounded">
+                <element ref="md:EntityDescriptor"/>
+                <element ref="md:EntitiesDescriptor"/>
+            </choice>
+        </sequence>
+        <attribute name="validUntil" type="dateTime" use="optional"/>
+        <attribute name="cacheDuration" type="duration" use="optional"/>
+        <attribute name="ID" type="ID" use="optional"/>
+        <attribute name="Name" type="string" use="optional"/>
+    </complexType>
+
+    <element name="EntityDescriptor" type="md:EntityDescriptorType"/>
+    <complexType name="EntityDescriptorType">
+        <sequence>
+            <element ref="ds:Signature" minOccurs="0"/>
+            <element ref="md:Extensions" minOccurs="0"/>
+            <choice>
+                <choice maxOccurs="unbounded">
+                    <element ref="md:RoleDescriptor"/>
+                    <element ref="md:IDPSSODescriptor"/>
+                    <element ref="md:SPSSODescriptor"/>
+                    <element ref="md:AuthnAuthorityDescriptor"/>
+                    <element ref="md:AttributeAuthorityDescriptor"/>
+                    <element ref="md:PDPDescriptor"/>
+                </choice>
+                <element ref="md:AffiliationDescriptor"/>
+            </choice>
+            <element ref="md:Organization" minOccurs="0"/>
+            <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded"/>
+            <element ref="md:AdditionalMetadataLocation" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
+        <attribute name="entityID" type="md:entityIDType" use="required"/>
+        <attribute name="validUntil" type="dateTime" use="optional"/>
+        <attribute name="cacheDuration" type="duration" use="optional"/>
+        <attribute name="ID" type="ID" use="optional"/>
+        <anyAttribute namespace="##other" processContents="lax"/>
+    </complexType>
+    
+    <element name="Organization" type="md:OrganizationType"/>
+    <complexType name="OrganizationType">
+        <sequence>
+            <element ref="md:Extensions" minOccurs="0"/>
+            <element ref="md:OrganizationName" maxOccurs="unbounded"/>
+            <element ref="md:OrganizationDisplayName" maxOccurs="unbounded"/>
+            <element ref="md:OrganizationURL" maxOccurs="unbounded"/>
+        </sequence>
+        <anyAttribute namespace="##other" processContents="lax"/>
+    </complexType>
+    <element name="OrganizationName" type="md:localizedNameType"/>
+    <element name="OrganizationDisplayName" type="md:localizedNameType"/>
+    <element name="OrganizationURL" type="md:localizedURIType"/>
+    <element name="ContactPerson" type="md:ContactType"/>
+    <complexType name="ContactType">
+        <sequence>
+            <element ref="md:Extensions" minOccurs="0"/>
+            <element ref="md:Company" minOccurs="0"/>
+            <element ref="md:GivenName" minOccurs="0"/>
+            <element ref="md:SurName" minOccurs="0"/>
+            <element ref="md:EmailAddress" minOccurs="0" maxOccurs="unbounded"/>
+            <element ref="md:TelephoneNumber" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
+        <attribute name="contactType" type="md:ContactTypeType" use="required"/>
+        <anyAttribute namespace="##other" processContents="lax"/>
+    </complexType>
+    <element name="Company" type="string"/>
+    <element name="GivenName" type="string"/>
+    <element name="SurName" type="string"/>
+    <element name="EmailAddress" type="anyURI"/>
+    <element name="TelephoneNumber" type="string"/>
+    <simpleType name="ContactTypeType">
+        <restriction base="string">
+            <enumeration value="technical"/>
+            <enumeration value="support"/>
+            <enumeration value="administrative"/>
+            <enumeration value="billing"/>
+            <enumeration value="other"/>
+        </restriction>
+    </simpleType>
+
+    <element name="AdditionalMetadataLocation" type="md:AdditionalMetadataLocationType"/>
+    <complexType name="AdditionalMetadataLocationType">
+        <simpleContent>
+            <extension base="anyURI">
+                <attribute name="namespace" type="anyURI" use="required"/>
+            </extension>
+        </simpleContent>
+    </complexType>
+
+    <element name="RoleDescriptor" type="md:RoleDescriptorType"/>
+    <complexType name="RoleDescriptorType" abstract="true">
+        <sequence>
+            <element ref="ds:Signature" minOccurs="0"/>
+            <element ref="md:Extensions" minOccurs="0"/>
+            <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded"/>
+            <element ref="md:Organization" minOccurs="0"/>
+            <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
+        <attribute name="ID" type="ID" use="optional"/>
+        <attribute name="validUntil" type="dateTime" use="optional"/>
+        <attribute name="cacheDuration" type="duration" use="optional"/>
+        <attribute name="protocolSupportEnumeration" type="md:anyURIListType" use="required"/>
+        <attribute name="errorURL" type="anyURI" use="optional"/>
+        <anyAttribute namespace="##other" processContents="lax"/>
+    </complexType>
+    <simpleType name="anyURIListType">
+        <list itemType="anyURI"/>
+    </simpleType>
+
+    <element name="KeyDescriptor" type="md:KeyDescriptorType"/>
+    <complexType name="KeyDescriptorType">
+        <sequence>
+            <element ref="ds:KeyInfo"/>
+            <element ref="md:EncryptionMethod" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
+        <attribute name="use" type="md:KeyTypes" use="optional"/>
+    </complexType>
+    <simpleType name="KeyTypes">
+        <restriction base="string">
+            <enumeration value="encryption"/>
+            <enumeration value="signing"/>
+        </restriction>
+    </simpleType>
+    <element name="EncryptionMethod" type="xenc:EncryptionMethodType"/>
+    
+    <complexType name="SSODescriptorType" abstract="true">
+        <complexContent>
+            <extension base="md:RoleDescriptorType">
+                <sequence>
+                    <element ref="md:ArtifactResolutionService" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="md:SingleLogoutService" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="md:ManageNameIDService" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
+                </sequence>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="ArtifactResolutionService" type="md:IndexedEndpointType"/>
+    <element name="SingleLogoutService" type="md:EndpointType"/>
+    <element name="ManageNameIDService" type="md:EndpointType"/>
+    <element name="NameIDFormat" type="anyURI"/>
+
+    <element name="IDPSSODescriptor" type="md:IDPSSODescriptorType"/>
+    <complexType name="IDPSSODescriptorType">
+        <complexContent>
+            <extension base="md:SSODescriptorType">
+                <sequence>
+                    <element ref="md:SingleSignOnService" maxOccurs="unbounded"/>
+                    <element ref="md:NameIDMappingService" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
+                </sequence>
+                <attribute name="WantAuthnRequestsSigned" type="boolean" use="optional"/>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="SingleSignOnService" type="md:EndpointType"/>
+    <element name="NameIDMappingService" type="md:EndpointType"/>
+    <element name="AssertionIDRequestService" type="md:EndpointType"/>
+    <element name="AttributeProfile" type="anyURI"/>
+    
+    <element name="SPSSODescriptor" type="md:SPSSODescriptorType"/>
+    <complexType name="SPSSODescriptorType">
+        <complexContent>
+            <extension base="md:SSODescriptorType">
+                <sequence>
+                    <element ref="md:AssertionConsumerService" maxOccurs="unbounded"/>
+                    <element ref="md:AttributeConsumingService" minOccurs="0" maxOccurs="unbounded"/>
+                </sequence>
+                <attribute name="AuthnRequestsSigned" type="boolean" use="optional"/>
+                <attribute name="WantAssertionsSigned" type="boolean" use="optional"/>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="AssertionConsumerService" type="md:IndexedEndpointType"/>
+    <element name="AttributeConsumingService" type="md:AttributeConsumingServiceType"/>
+    <complexType name="AttributeConsumingServiceType">
+        <sequence>
+            <element ref="md:ServiceName" maxOccurs="unbounded"/>
+            <element ref="md:ServiceDescription" minOccurs="0" maxOccurs="unbounded"/>
+            <element ref="md:RequestedAttribute" maxOccurs="unbounded"/>
+        </sequence>
+        <attribute name="index" type="unsignedShort" use="required"/>
+        <attribute name="isDefault" type="boolean" use="optional"/>
+    </complexType>
+    <element name="ServiceName" type="md:localizedNameType"/>
+    <element name="ServiceDescription" type="md:localizedNameType"/>
+    <element name="RequestedAttribute" type="md:RequestedAttributeType"/>
+    <complexType name="RequestedAttributeType">
+        <complexContent>
+            <extension base="saml:AttributeType">
+                <attribute name="isRequired" type="boolean" use="optional"/>
+            </extension>
+        </complexContent>
+    </complexType>
+  
+    <element name="AuthnAuthorityDescriptor" type="md:AuthnAuthorityDescriptorType"/>
+    <complexType name="AuthnAuthorityDescriptorType">
+        <complexContent>
+            <extension base="md:RoleDescriptorType">
+                <sequence>
+                    <element ref="md:AuthnQueryService" maxOccurs="unbounded"/>
+                    <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
+                </sequence>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="AuthnQueryService" type="md:EndpointType"/>
+
+    <element name="PDPDescriptor" type="md:PDPDescriptorType"/>
+    <complexType name="PDPDescriptorType">
+        <complexContent>
+            <extension base="md:RoleDescriptorType">
+                <sequence>
+                    <element ref="md:AuthzService" maxOccurs="unbounded"/>
+                    <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
+                </sequence>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="AuthzService" type="md:EndpointType"/>
+
+    <element name="AttributeAuthorityDescriptor" type="md:AttributeAuthorityDescriptorType"/>
+    <complexType name="AttributeAuthorityDescriptorType">
+        <complexContent>
+            <extension base="md:RoleDescriptorType">
+                <sequence>
+                    <element ref="md:AttributeService" maxOccurs="unbounded"/>
+                    <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
+                </sequence>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="AttributeService" type="md:EndpointType"/>
+   
+    <element name="AffiliationDescriptor" type="md:AffiliationDescriptorType"/>
+    <complexType name="AffiliationDescriptorType">
+        <sequence>
+            <element ref="ds:Signature" minOccurs="0"/>
+            <element ref="md:Extensions" minOccurs="0"/>
+            <element ref="md:AffiliateMember" maxOccurs="unbounded"/>
+            <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
+        <attribute name="affiliationOwnerID" type="md:entityIDType" use="required"/>
+        <attribute name="validUntil" type="dateTime" use="optional"/>
+        <attribute name="cacheDuration" type="duration" use="optional"/>
+        <attribute name="ID" type="ID" use="optional"/>
+        <anyAttribute namespace="##other" processContents="lax"/>
+    </complexType>
+    <element name="AffiliateMember" type="md:entityIDType"/>
+</schema>
diff --git a/schemas/saml-schema-protocol-2.0.xsd b/schemas/saml-schema-protocol-2.0.xsd
index eb480e5..13656b1 100644
--- a/schemas/saml-schema-protocol-2.0.xsd
+++ b/schemas/saml-schema-protocol-2.0.xsd
@@ -1,302 +1,302 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema
-    targetNamespace="urn:oasis:names:tc:SAML:2.0:protocol"
-    xmlns="http://www.w3.org/2001/XMLSchema"
-    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
-    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
-    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
-    elementFormDefault="unqualified"
-    attributeFormDefault="unqualified"
-    blockDefault="substitution"
-    version="2.0">
-    <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
-        schemaLocation="saml-schema-assertion-2.0.xsd"/>
-    <import namespace="http://www.w3.org/2000/09/xmldsig#"
-        schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
-    <annotation>
-        <documentation>
-            Document identifier: saml-schema-protocol-2.0
-            Location: http://docs.oasis-open.org/security/saml/v2.0/
-            Revision history:
-            V1.0 (November, 2002):
-              Initial Standard Schema.
-            V1.1 (September, 2003):
-              Updates within the same V1.0 namespace.
-            V2.0 (March, 2005):
-              New protocol schema based in a SAML V2.0 namespace.
-     </documentation>
-    </annotation>
-    <complexType name="RequestAbstractType" abstract="true">
-        <sequence>
-            <element ref="saml:Issuer" minOccurs="0"/>
-            <element ref="ds:Signature" minOccurs="0"/>
-            <element ref="samlp:Extensions" minOccurs="0"/>
-        </sequence>
-        <attribute name="ID" type="ID" use="required"/>
-        <attribute name="Version" type="string" use="required"/>
-        <attribute name="IssueInstant" type="dateTime" use="required"/>
-        <attribute name="Destination" type="anyURI" use="optional"/>
-    	<attribute name="Consent" type="anyURI" use="optional"/>
-    </complexType>
-    <element name="Extensions" type="samlp:ExtensionsType"/>
-    <complexType name="ExtensionsType">
-        <sequence>
-            <any namespace="##other" processContents="lax" maxOccurs="unbounded"/>
-        </sequence>
-    </complexType>
-    <complexType name="StatusResponseType">
-    	<sequence>
-            <element ref="saml:Issuer" minOccurs="0"/>
-            <element ref="ds:Signature" minOccurs="0"/>
-            <element ref="samlp:Extensions" minOccurs="0"/>
-            <element ref="samlp:Status"/>
-    	</sequence>
-    	<attribute name="ID" type="ID" use="required"/>
-    	<attribute name="InResponseTo" type="NCName" use="optional"/>
-    	<attribute name="Version" type="string" use="required"/>
-    	<attribute name="IssueInstant" type="dateTime" use="required"/>
-    	<attribute name="Destination" type="anyURI" use="optional"/>
-    	<attribute name="Consent" type="anyURI" use="optional"/>
-    </complexType>
-    <element name="Status" type="samlp:StatusType"/>
-    <complexType name="StatusType">
-        <sequence>
-            <element ref="samlp:StatusCode"/>
-            <element ref="samlp:StatusMessage" minOccurs="0"/>
-            <element ref="samlp:StatusDetail" minOccurs="0"/>
-        </sequence>
-    </complexType>
-    <element name="StatusCode" type="samlp:StatusCodeType"/>
-    <complexType name="StatusCodeType">
-        <sequence>
-            <element ref="samlp:StatusCode" minOccurs="0"/>
-        </sequence>
-        <attribute name="Value" type="anyURI" use="required"/>
-    </complexType>
-    <element name="StatusMessage" type="string"/>
-    <element name="StatusDetail" type="samlp:StatusDetailType"/>
-    <complexType name="StatusDetailType">
-        <sequence>
-            <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-    </complexType>
-    <element name="AssertionIDRequest" type="samlp:AssertionIDRequestType"/>
-    <complexType name="AssertionIDRequestType">
-    	<complexContent>
-            <extension base="samlp:RequestAbstractType">
-                <sequence>
-                    <element ref="saml:AssertionIDRef" maxOccurs="unbounded"/>
-                </sequence>
-            </extension>
-    	</complexContent>
-    </complexType>
-    <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/>
-    <complexType name="SubjectQueryAbstractType" abstract="true">
-    	<complexContent>
-            <extension base="samlp:RequestAbstractType">
-                <sequence>
-                    <element ref="saml:Subject"/>
-                </sequence>
-            </extension>
-    	</complexContent>
-    </complexType>
-    <element name="AuthnQuery" type="samlp:AuthnQueryType"/>
-    <complexType name="AuthnQueryType">
-        <complexContent>
-            <extension base="samlp:SubjectQueryAbstractType">
-                <sequence>
-                    <element ref="samlp:RequestedAuthnContext" minOccurs="0"/>
-                </sequence>
-                <attribute name="SessionIndex" type="string" use="optional"/>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="RequestedAuthnContext" type="samlp:RequestedAuthnContextType"/>
-    <complexType name="RequestedAuthnContextType">
-        <choice>
-            <element ref="saml:AuthnContextClassRef" maxOccurs="unbounded"/>
-            <element ref="saml:AuthnContextDeclRef" maxOccurs="unbounded"/>
-        </choice>
-        <attribute name="Comparison" type="samlp:AuthnContextComparisonType" use="optional"/>
-    </complexType>
-    <simpleType name="AuthnContextComparisonType">
-        <restriction base="string">
-            <enumeration value="exact"/>
-            <enumeration value="minimum"/>
-            <enumeration value="maximum"/>
-            <enumeration value="better"/>
-        </restriction>
-    </simpleType>
-    <element name="AttributeQuery" type="samlp:AttributeQueryType"/>
-    <complexType name="AttributeQueryType">
-        <complexContent>
-            <extension base="samlp:SubjectQueryAbstractType">
-                <sequence>
-                    <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
-                </sequence>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="AuthzDecisionQuery" type="samlp:AuthzDecisionQueryType"/>
-    <complexType name="AuthzDecisionQueryType">
-        <complexContent>
-            <extension base="samlp:SubjectQueryAbstractType">
-                <sequence>
-                    <element ref="saml:Action" maxOccurs="unbounded"/>
-                    <element ref="saml:Evidence" minOccurs="0"/>
-                </sequence>
-                <attribute name="Resource" type="anyURI" use="required"/>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="AuthnRequest" type="samlp:AuthnRequestType"/>
-    <complexType name="AuthnRequestType">
-        <complexContent>
-            <extension base="samlp:RequestAbstractType">
-                <sequence>
-                    <element ref="saml:Subject" minOccurs="0"/>
-                    <element ref="samlp:NameIDPolicy" minOccurs="0"/>
-                    <element ref="saml:Conditions" minOccurs="0"/>
-                    <element ref="samlp:RequestedAuthnContext" minOccurs="0"/>
-                    <element ref="samlp:Scoping" minOccurs="0"/>
-                </sequence>
-                <attribute name="ForceAuthn" type="boolean" use="optional"/>
-                <attribute name="IsPassive" type="boolean" use="optional"/>
-                <attribute name="ProtocolBinding" type="anyURI" use="optional"/>
-                <attribute name="AssertionConsumerServiceIndex" type="unsignedShort" use="optional"/>
-                <attribute name="AssertionConsumerServiceURL" type="anyURI" use="optional"/>
-                <attribute name="AttributeConsumingServiceIndex" type="unsignedShort" use="optional"/>
-                <attribute name="ProviderName" type="string" use="optional"/>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="NameIDPolicy" type="samlp:NameIDPolicyType"/>
-    <complexType name="NameIDPolicyType">
-        <attribute name="Format" type="anyURI" use="optional"/>
-        <attribute name="SPNameQualifier" type="string" use="optional"/>
-        <attribute name="AllowCreate" type="boolean" use="optional"/>
-    </complexType>
-    <element name="Scoping" type="samlp:ScopingType"/>
-    <complexType name="ScopingType">
-        <sequence>
-            <element ref="samlp:IDPList" minOccurs="0"/>
-            <element ref="samlp:RequesterID" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-        <attribute name="ProxyCount" type="nonNegativeInteger" use="optional"/>
-    </complexType>
-    <element name="RequesterID" type="anyURI"/>
-    <element name="IDPList" type="samlp:IDPListType"/>
-    <complexType name="IDPListType">
-        <sequence>
-            <element ref="samlp:IDPEntry" maxOccurs="unbounded"/>
-            <element ref="samlp:GetComplete" minOccurs="0"/>
-        </sequence>
-    </complexType>
-    <element name="IDPEntry" type="samlp:IDPEntryType"/>
-    <complexType name="IDPEntryType">
-        <attribute name="ProviderID" type="anyURI" use="required"/>
-        <attribute name="Name" type="string" use="optional"/>
-        <attribute name="Loc" type="anyURI" use="optional"/>
-    </complexType>
-    <element name="GetComplete" type="anyURI"/>
-    <element name="Response" type="samlp:ResponseType"/>
-    <complexType name="ResponseType">
-    	<complexContent>
-            <extension base="samlp:StatusResponseType">
-                <choice minOccurs="0" maxOccurs="unbounded">
-                    <element ref="saml:Assertion"/>
-                    <element ref="saml:EncryptedAssertion"/>
-                </choice>
-            </extension>
-    	</complexContent>
-    </complexType>
-    <element name="ArtifactResolve" type="samlp:ArtifactResolveType"/>
-    <complexType name="ArtifactResolveType">
-    	<complexContent>
-            <extension base="samlp:RequestAbstractType">
-                <sequence>
-                    <element ref="samlp:Artifact"/>
-                </sequence>
-            </extension>
-    	</complexContent>
-    </complexType>
-    <element name="Artifact" type="string"/>
-    <element name="ArtifactResponse" type="samlp:ArtifactResponseType"/>
-    <complexType name="ArtifactResponseType">
-    	<complexContent>
-            <extension base="samlp:StatusResponseType">
-                <sequence>
-                    <any namespace="##any" processContents="lax" minOccurs="0"/>
-                </sequence>
-            </extension>
-    	</complexContent>
-    </complexType>
-    <element name="ManageNameIDRequest" type="samlp:ManageNameIDRequestType"/>
-    <complexType name="ManageNameIDRequestType">
-    	<complexContent>
-            <extension base="samlp:RequestAbstractType">
-                <sequence>
-                    <choice>
-                        <element ref="saml:NameID"/>
-                        <element ref="saml:EncryptedID"/>
-                    </choice>
-                    <choice>
-                        <element ref="samlp:NewID"/>
-                        <element ref="samlp:NewEncryptedID"/>
-                        <element ref="samlp:Terminate"/>
-                    </choice>
-                </sequence>
-            </extension>
-    	</complexContent>
-    </complexType>
-    <element name="NewID" type="string"/>
-    <element name="NewEncryptedID" type="saml:EncryptedElementType"/>
-    <element name="Terminate" type="samlp:TerminateType"/>
-    <complexType name="TerminateType"/>
-    <element name="ManageNameIDResponse" type="samlp:StatusResponseType"/>
-    <element name="LogoutRequest" type="samlp:LogoutRequestType"/>
-    <complexType name="LogoutRequestType">
-        <complexContent>
-            <extension base="samlp:RequestAbstractType">
-                <sequence>
-                    <choice>
-                        <element ref="saml:BaseID"/>
-                        <element ref="saml:NameID"/>
-                        <element ref="saml:EncryptedID"/>
-                    </choice>
-                    <element ref="samlp:SessionIndex" minOccurs="0" maxOccurs="unbounded"/>
-                </sequence>
-                <attribute name="Reason" type="string" use="optional"/>
-                <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="SessionIndex" type="string"/>
-    <element name="LogoutResponse" type="samlp:StatusResponseType"/>
-    <element name="NameIDMappingRequest" type="samlp:NameIDMappingRequestType"/>
-    <complexType name="NameIDMappingRequestType">
-        <complexContent>
-            <extension base="samlp:RequestAbstractType">
-                <sequence>
-                    <choice>
-                        <element ref="saml:BaseID"/>
-                        <element ref="saml:NameID"/>
-                        <element ref="saml:EncryptedID"/>
-                    </choice>
-                    <element ref="samlp:NameIDPolicy"/>
-                </sequence>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="NameIDMappingResponse" type="samlp:NameIDMappingResponseType"/>
-    <complexType name="NameIDMappingResponseType">
-        <complexContent>
-            <extension base="samlp:StatusResponseType">
-                <choice>
-                    <element ref="saml:NameID"/>
-                    <element ref="saml:EncryptedID"/>
-                </choice>
-            </extension>
-        </complexContent>
-    </complexType>
-</schema>
+<?xml version="1.0" encoding="UTF-8"?>
+<schema
+    targetNamespace="urn:oasis:names:tc:SAML:2.0:protocol"
+    xmlns="http://www.w3.org/2001/XMLSchema"
+    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+    elementFormDefault="unqualified"
+    attributeFormDefault="unqualified"
+    blockDefault="substitution"
+    version="2.0">
+    <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
+        schemaLocation="saml-schema-assertion-2.0.xsd"/>
+    <import namespace="http://www.w3.org/2000/09/xmldsig#"
+        schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
+    <annotation>
+        <documentation>
+            Document identifier: saml-schema-protocol-2.0
+            Location: http://docs.oasis-open.org/security/saml/v2.0/
+            Revision history:
+            V1.0 (November, 2002):
+              Initial Standard Schema.
+            V1.1 (September, 2003):
+              Updates within the same V1.0 namespace.
+            V2.0 (March, 2005):
+              New protocol schema based in a SAML V2.0 namespace.
+     </documentation>
+    </annotation>
+    <complexType name="RequestAbstractType" abstract="true">
+        <sequence>
+            <element ref="saml:Issuer" minOccurs="0"/>
+            <element ref="ds:Signature" minOccurs="0"/>
+            <element ref="samlp:Extensions" minOccurs="0"/>
+        </sequence>
+        <attribute name="ID" type="ID" use="required"/>
+        <attribute name="Version" type="string" use="required"/>
+        <attribute name="IssueInstant" type="dateTime" use="required"/>
+        <attribute name="Destination" type="anyURI" use="optional"/>
+    	<attribute name="Consent" type="anyURI" use="optional"/>
+    </complexType>
+    <element name="Extensions" type="samlp:ExtensionsType"/>
+    <complexType name="ExtensionsType">
+        <sequence>
+            <any namespace="##other" processContents="lax" maxOccurs="unbounded"/>
+        </sequence>
+    </complexType>
+    <complexType name="StatusResponseType">
+    	<sequence>
+            <element ref="saml:Issuer" minOccurs="0"/>
+            <element ref="ds:Signature" minOccurs="0"/>
+            <element ref="samlp:Extensions" minOccurs="0"/>
+            <element ref="samlp:Status"/>
+    	</sequence>
+    	<attribute name="ID" type="ID" use="required"/>
+    	<attribute name="InResponseTo" type="NCName" use="optional"/>
+    	<attribute name="Version" type="string" use="required"/>
+    	<attribute name="IssueInstant" type="dateTime" use="required"/>
+    	<attribute name="Destination" type="anyURI" use="optional"/>
+    	<attribute name="Consent" type="anyURI" use="optional"/>
+    </complexType>
+    <element name="Status" type="samlp:StatusType"/>
+    <complexType name="StatusType">
+        <sequence>
+            <element ref="samlp:StatusCode"/>
+            <element ref="samlp:StatusMessage" minOccurs="0"/>
+            <element ref="samlp:StatusDetail" minOccurs="0"/>
+        </sequence>
+    </complexType>
+    <element name="StatusCode" type="samlp:StatusCodeType"/>
+    <complexType name="StatusCodeType">
+        <sequence>
+            <element ref="samlp:StatusCode" minOccurs="0"/>
+        </sequence>
+        <attribute name="Value" type="anyURI" use="required"/>
+    </complexType>
+    <element name="StatusMessage" type="string"/>
+    <element name="StatusDetail" type="samlp:StatusDetailType"/>
+    <complexType name="StatusDetailType">
+        <sequence>
+            <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
+    </complexType>
+    <element name="AssertionIDRequest" type="samlp:AssertionIDRequestType"/>
+    <complexType name="AssertionIDRequestType">
+    	<complexContent>
+            <extension base="samlp:RequestAbstractType">
+                <sequence>
+                    <element ref="saml:AssertionIDRef" maxOccurs="unbounded"/>
+                </sequence>
+            </extension>
+    	</complexContent>
+    </complexType>
+    <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/>
+    <complexType name="SubjectQueryAbstractType" abstract="true">
+    	<complexContent>
+            <extension base="samlp:RequestAbstractType">
+                <sequence>
+                    <element ref="saml:Subject"/>
+                </sequence>
+            </extension>
+    	</complexContent>
+    </complexType>
+    <element name="AuthnQuery" type="samlp:AuthnQueryType"/>
+    <complexType name="AuthnQueryType">
+        <complexContent>
+            <extension base="samlp:SubjectQueryAbstractType">
+                <sequence>
+                    <element ref="samlp:RequestedAuthnContext" minOccurs="0"/>
+                </sequence>
+                <attribute name="SessionIndex" type="string" use="optional"/>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="RequestedAuthnContext" type="samlp:RequestedAuthnContextType"/>
+    <complexType name="RequestedAuthnContextType">
+        <choice>
+            <element ref="saml:AuthnContextClassRef" maxOccurs="unbounded"/>
+            <element ref="saml:AuthnContextDeclRef" maxOccurs="unbounded"/>
+        </choice>
+        <attribute name="Comparison" type="samlp:AuthnContextComparisonType" use="optional"/>
+    </complexType>
+    <simpleType name="AuthnContextComparisonType">
+        <restriction base="string">
+            <enumeration value="exact"/>
+            <enumeration value="minimum"/>
+            <enumeration value="maximum"/>
+            <enumeration value="better"/>
+        </restriction>
+    </simpleType>
+    <element name="AttributeQuery" type="samlp:AttributeQueryType"/>
+    <complexType name="AttributeQueryType">
+        <complexContent>
+            <extension base="samlp:SubjectQueryAbstractType">
+                <sequence>
+                    <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
+                </sequence>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="AuthzDecisionQuery" type="samlp:AuthzDecisionQueryType"/>
+    <complexType name="AuthzDecisionQueryType">
+        <complexContent>
+            <extension base="samlp:SubjectQueryAbstractType">
+                <sequence>
+                    <element ref="saml:Action" maxOccurs="unbounded"/>
+                    <element ref="saml:Evidence" minOccurs="0"/>
+                </sequence>
+                <attribute name="Resource" type="anyURI" use="required"/>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="AuthnRequest" type="samlp:AuthnRequestType"/>
+    <complexType name="AuthnRequestType">
+        <complexContent>
+            <extension base="samlp:RequestAbstractType">
+                <sequence>
+                    <element ref="saml:Subject" minOccurs="0"/>
+                    <element ref="samlp:NameIDPolicy" minOccurs="0"/>
+                    <element ref="saml:Conditions" minOccurs="0"/>
+                    <element ref="samlp:RequestedAuthnContext" minOccurs="0"/>
+                    <element ref="samlp:Scoping" minOccurs="0"/>
+                </sequence>
+                <attribute name="ForceAuthn" type="boolean" use="optional"/>
+                <attribute name="IsPassive" type="boolean" use="optional"/>
+                <attribute name="ProtocolBinding" type="anyURI" use="optional"/>
+                <attribute name="AssertionConsumerServiceIndex" type="unsignedShort" use="optional"/>
+                <attribute name="AssertionConsumerServiceURL" type="anyURI" use="optional"/>
+                <attribute name="AttributeConsumingServiceIndex" type="unsignedShort" use="optional"/>
+                <attribute name="ProviderName" type="string" use="optional"/>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="NameIDPolicy" type="samlp:NameIDPolicyType"/>
+    <complexType name="NameIDPolicyType">
+        <attribute name="Format" type="anyURI" use="optional"/>
+        <attribute name="SPNameQualifier" type="string" use="optional"/>
+        <attribute name="AllowCreate" type="boolean" use="optional"/>
+    </complexType>
+    <element name="Scoping" type="samlp:ScopingType"/>
+    <complexType name="ScopingType">
+        <sequence>
+            <element ref="samlp:IDPList" minOccurs="0"/>
+            <element ref="samlp:RequesterID" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
+        <attribute name="ProxyCount" type="nonNegativeInteger" use="optional"/>
+    </complexType>
+    <element name="RequesterID" type="anyURI"/>
+    <element name="IDPList" type="samlp:IDPListType"/>
+    <complexType name="IDPListType">
+        <sequence>
+            <element ref="samlp:IDPEntry" maxOccurs="unbounded"/>
+            <element ref="samlp:GetComplete" minOccurs="0"/>
+        </sequence>
+    </complexType>
+    <element name="IDPEntry" type="samlp:IDPEntryType"/>
+    <complexType name="IDPEntryType">
+        <attribute name="ProviderID" type="anyURI" use="required"/>
+        <attribute name="Name" type="string" use="optional"/>
+        <attribute name="Loc" type="anyURI" use="optional"/>
+    </complexType>
+    <element name="GetComplete" type="anyURI"/>
+    <element name="Response" type="samlp:ResponseType"/>
+    <complexType name="ResponseType">
+    	<complexContent>
+            <extension base="samlp:StatusResponseType">
+                <choice minOccurs="0" maxOccurs="unbounded">
+                    <element ref="saml:Assertion"/>
+                    <element ref="saml:EncryptedAssertion"/>
+                </choice>
+            </extension>
+    	</complexContent>
+    </complexType>
+    <element name="ArtifactResolve" type="samlp:ArtifactResolveType"/>
+    <complexType name="ArtifactResolveType">
+    	<complexContent>
+            <extension base="samlp:RequestAbstractType">
+                <sequence>
+                    <element ref="samlp:Artifact"/>
+                </sequence>
+            </extension>
+    	</complexContent>
+    </complexType>
+    <element name="Artifact" type="string"/>
+    <element name="ArtifactResponse" type="samlp:ArtifactResponseType"/>
+    <complexType name="ArtifactResponseType">
+    	<complexContent>
+            <extension base="samlp:StatusResponseType">
+                <sequence>
+                    <any namespace="##any" processContents="lax" minOccurs="0"/>
+                </sequence>
+            </extension>
+    	</complexContent>
+    </complexType>
+    <element name="ManageNameIDRequest" type="samlp:ManageNameIDRequestType"/>
+    <complexType name="ManageNameIDRequestType">
+    	<complexContent>
+            <extension base="samlp:RequestAbstractType">
+                <sequence>
+                    <choice>
+                        <element ref="saml:NameID"/>
+                        <element ref="saml:EncryptedID"/>
+                    </choice>
+                    <choice>
+                        <element ref="samlp:NewID"/>
+                        <element ref="samlp:NewEncryptedID"/>
+                        <element ref="samlp:Terminate"/>
+                    </choice>
+                </sequence>
+            </extension>
+    	</complexContent>
+    </complexType>
+    <element name="NewID" type="string"/>
+    <element name="NewEncryptedID" type="saml:EncryptedElementType"/>
+    <element name="Terminate" type="samlp:TerminateType"/>
+    <complexType name="TerminateType"/>
+    <element name="ManageNameIDResponse" type="samlp:StatusResponseType"/>
+    <element name="LogoutRequest" type="samlp:LogoutRequestType"/>
+    <complexType name="LogoutRequestType">
+        <complexContent>
+            <extension base="samlp:RequestAbstractType">
+                <sequence>
+                    <choice>
+                        <element ref="saml:BaseID"/>
+                        <element ref="saml:NameID"/>
+                        <element ref="saml:EncryptedID"/>
+                    </choice>
+                    <element ref="samlp:SessionIndex" minOccurs="0" maxOccurs="unbounded"/>
+                </sequence>
+                <attribute name="Reason" type="string" use="optional"/>
+                <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="SessionIndex" type="string"/>
+    <element name="LogoutResponse" type="samlp:StatusResponseType"/>
+    <element name="NameIDMappingRequest" type="samlp:NameIDMappingRequestType"/>
+    <complexType name="NameIDMappingRequestType">
+        <complexContent>
+            <extension base="samlp:RequestAbstractType">
+                <sequence>
+                    <choice>
+                        <element ref="saml:BaseID"/>
+                        <element ref="saml:NameID"/>
+                        <element ref="saml:EncryptedID"/>
+                    </choice>
+                    <element ref="samlp:NameIDPolicy"/>
+                </sequence>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="NameIDMappingResponse" type="samlp:NameIDMappingResponseType"/>
+    <complexType name="NameIDMappingResponseType">
+        <complexContent>
+            <extension base="samlp:StatusResponseType">
+                <choice>
+                    <element ref="saml:NameID"/>
+                    <element ref="saml:EncryptedID"/>
+                </choice>
+            </extension>
+        </complexContent>
+    </complexType>
+</schema>
diff --git a/schemas/saml-schema-x500-2.0.xsd b/schemas/saml-schema-x500-2.0.xsd
index 141b634..f67f1b0 100644
--- a/schemas/saml-schema-x500-2.0.xsd
+++ b/schemas/saml-schema-x500-2.0.xsd
@@ -1,20 +1,20 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema
-    targetNamespace="urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"
-    xmlns="http://www.w3.org/2001/XMLSchema"
-    elementFormDefault="unqualified"
-    attributeFormDefault="unqualified"
-    blockDefault="substitution"
-    version="2.0">
-    <annotation>
-        <documentation>
-            Document identifier: saml-schema-x500-2.0
-            Location: http://docs.oasis-open.org/security/saml/v2.0/
-            Revision history:
-              V2.0 (March, 2005):
-                Custom schema for X.500 attribute profile, first published in SAML 2.0.
-        </documentation>
-    </annotation>
-    <attribute name="Encoding" type="string"/>
-</schema>
-
+<?xml version="1.0" encoding="UTF-8"?>
+<schema
+    targetNamespace="urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"
+    xmlns="http://www.w3.org/2001/XMLSchema"
+    elementFormDefault="unqualified"
+    attributeFormDefault="unqualified"
+    blockDefault="substitution"
+    version="2.0">
+    <annotation>
+        <documentation>
+            Document identifier: saml-schema-x500-2.0
+            Location: http://docs.oasis-open.org/security/saml/v2.0/
+            Revision history:
+              V2.0 (March, 2005):
+                Custom schema for X.500 attribute profile, first published in SAML 2.0.
+        </documentation>
+    </annotation>
+    <attribute name="Encoding" type="string"/>
+</schema>
+
diff --git a/schemas/saml-schema-xacml-2.0.xsd b/schemas/saml-schema-xacml-2.0.xsd
index a83bc02..836f9db 100644
--- a/schemas/saml-schema-xacml-2.0.xsd
+++ b/schemas/saml-schema-xacml-2.0.xsd
@@ -1,19 +1,19 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema
-    targetNamespace="urn:oasis:names:tc:SAML:2.0:profiles:attribute:XACML"
-    xmlns="http://www.w3.org/2001/XMLSchema"
-    elementFormDefault="unqualified"
-    attributeFormDefault="unqualified"
-    blockDefault="substitution"
-    version="2.0">
-    <annotation>
-        <documentation>
-            Document identifier: saml-schema-xacml-2.0
-            Location: http://docs.oasis-open.org/security/saml/v2.0/
-            Revision history:
-            V2.0 (March, 2005):
-              Custom schema for XACML attribute profile, first published in SAML 2.0.
-        </documentation>
-    </annotation>
-    <attribute name="DataType" type="anyURI"/>
-</schema>
+<?xml version="1.0" encoding="UTF-8"?>
+<schema
+    targetNamespace="urn:oasis:names:tc:SAML:2.0:profiles:attribute:XACML"
+    xmlns="http://www.w3.org/2001/XMLSchema"
+    elementFormDefault="unqualified"
+    attributeFormDefault="unqualified"
+    blockDefault="substitution"
+    version="2.0">
+    <annotation>
+        <documentation>
+            Document identifier: saml-schema-xacml-2.0
+            Location: http://docs.oasis-open.org/security/saml/v2.0/
+            Revision history:
+            V2.0 (March, 2005):
+              Custom schema for XACML attribute profile, first published in SAML 2.0.
+        </documentation>
+    </annotation>
+    <attribute name="DataType" type="anyURI"/>
+</schema>
diff --git a/schemas/sstc-metadata-attr.xsd b/schemas/sstc-metadata-attr.xsd
index a655d96..f23e462 100644
--- a/schemas/sstc-metadata-attr.xsd
+++ b/schemas/sstc-metadata-attr.xsd
@@ -1,35 +1,35 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema 
-  targetNamespace="urn:oasis:names:tc:SAML:metadata:attribute"
-  xmlns="http://www.w3.org/2001/XMLSchema"
-  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
-  xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"
-  elementFormDefault="unqualified"
-  attributeFormDefault="unqualified"
-  blockDefault="substitution"
-  version="2.0">
-
-  <annotation>
-    <documentation>
-      Document title: SAML V2.0 Metadata Extention for Entity Attributes Schema
-      Document identifier: sstc-metadata-attr.xsd
-      Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
-      Revision history:
-      V1.0 (November 2008):
-        Initial version.
-    </documentation>
-  </annotation>
-
-  <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
-      schemaLocation="saml-schema-assertion-2.0.xsd"/>
-
-  <element name="EntityAttributes" type="mdattr:EntityAttributesType"/>
-  <complexType name="EntityAttributesType">
-    <choice maxOccurs="unbounded">
-      <element ref="saml:Attribute"/>
-      <element ref="saml:Assertion"/>
-    </choice>
-  </complexType>
-
-</schema>
-
+<?xml version="1.0" encoding="UTF-8"?>
+<schema 
+  targetNamespace="urn:oasis:names:tc:SAML:metadata:attribute"
+  xmlns="http://www.w3.org/2001/XMLSchema"
+  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+  xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"
+  elementFormDefault="unqualified"
+  attributeFormDefault="unqualified"
+  blockDefault="substitution"
+  version="2.0">
+
+  <annotation>
+    <documentation>
+      Document title: SAML V2.0 Metadata Extention for Entity Attributes Schema
+      Document identifier: sstc-metadata-attr.xsd
+      Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
+      Revision history:
+      V1.0 (November 2008):
+        Initial version.
+    </documentation>
+  </annotation>
+
+  <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
+      schemaLocation="saml-schema-assertion-2.0.xsd"/>
+
+  <element name="EntityAttributes" type="mdattr:EntityAttributesType"/>
+  <complexType name="EntityAttributesType">
+    <choice maxOccurs="unbounded">
+      <element ref="saml:Attribute"/>
+      <element ref="saml:Assertion"/>
+    </choice>
+  </complexType>
+
+</schema>
+
diff --git a/schemas/sstc-saml-attribute-ext.xsd b/schemas/sstc-saml-attribute-ext.xsd
index d4b7c1c..ad309c1 100644
--- a/schemas/sstc-saml-attribute-ext.xsd
+++ b/schemas/sstc-saml-attribute-ext.xsd
@@ -1,25 +1,25 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema 
-  targetNamespace="urn:oasis:names:tc:SAML:attribute:ext"
-  xmlns="http://www.w3.org/2001/XMLSchema"
-  elementFormDefault="unqualified"
-  attributeFormDefault="unqualified"
-  blockDefault="substitution"
-  version="2.0">
-
-  <annotation>
-    <documentation>
-      Document title: SAML V2.0 Attribute Extension Schema
-      Document identifier: sstc-saml-attribute-ext.xsd
-      Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
-      Revision history:
-      V1.0 (October 2008):
-        Initial version.
-    </documentation>
-  </annotation>
-
-  <attribute name="OriginalIssuer" type="anyURI"/>
-  <attribute name="LastModified" type="dateTime"/>
-
-</schema>
-
+<?xml version="1.0" encoding="UTF-8"?>
+<schema 
+  targetNamespace="urn:oasis:names:tc:SAML:attribute:ext"
+  xmlns="http://www.w3.org/2001/XMLSchema"
+  elementFormDefault="unqualified"
+  attributeFormDefault="unqualified"
+  blockDefault="substitution"
+  version="2.0">
+
+  <annotation>
+    <documentation>
+      Document title: SAML V2.0 Attribute Extension Schema
+      Document identifier: sstc-saml-attribute-ext.xsd
+      Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
+      Revision history:
+      V1.0 (October 2008):
+        Initial version.
+    </documentation>
+  </annotation>
+
+  <attribute name="OriginalIssuer" type="anyURI"/>
+  <attribute name="LastModified" type="dateTime"/>
+
+</schema>
+
diff --git a/schemas/sstc-saml-delegation.xsd b/schemas/sstc-saml-delegation.xsd
index 30c73dc..3d88ee4 100644
--- a/schemas/sstc-saml-delegation.xsd
+++ b/schemas/sstc-saml-delegation.xsd
@@ -1,40 +1,40 @@
-<schema
-    targetNamespace="urn:oasis:names:tc:SAML:2.0:conditions:delegation"
-    xmlns:del="urn:oasis:names:tc:SAML:2.0:conditions:delegation"
-    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
-    xmlns="http://www.w3.org/2001/XMLSchema"
-    elementFormDefault="unqualified"
-    attributeFormDefault="unqualified"
-    blockDefault="substitution"
-    version="2.0">
-    <annotation>
-        <documentation>
-            Document identifier: sstc-saml-delegation
-            Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
-            Revision history:
-            V1.0 (February 2009):
-              Initial version.
-        </documentation>
-    </annotation>
-    <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
-        schemaLocation="saml-schema-assertion-2.0.xsd"/>
-    <complexType name="DelegationRestrictionType">
-        <complexContent>
-            <extension base="saml:ConditionAbstractType">
-                <sequence>
-                    <element ref="del:Delegate" maxOccurs="unbounded"/>
-                </sequence>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="Delegate" type="del:DelegateType"/>
-    <complexType name="DelegateType">
-        <choice>
-            <element ref="saml:BaseID"/>
-            <element ref="saml:NameID"/>
-            <element ref="saml:EncryptedID"/>
-        </choice>
-        <attribute name="DelegationInstant" type="dateTime" use="optional"/>
-        <attribute name="ConfirmationMethod" type="anyURI" use="optional"/>
-    </complexType>
-</schema>
+<schema
+    targetNamespace="urn:oasis:names:tc:SAML:2.0:conditions:delegation"
+    xmlns:del="urn:oasis:names:tc:SAML:2.0:conditions:delegation"
+    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+    xmlns="http://www.w3.org/2001/XMLSchema"
+    elementFormDefault="unqualified"
+    attributeFormDefault="unqualified"
+    blockDefault="substitution"
+    version="2.0">
+    <annotation>
+        <documentation>
+            Document identifier: sstc-saml-delegation
+            Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
+            Revision history:
+            V1.0 (February 2009):
+              Initial version.
+        </documentation>
+    </annotation>
+    <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
+        schemaLocation="saml-schema-assertion-2.0.xsd"/>
+    <complexType name="DelegationRestrictionType">
+        <complexContent>
+            <extension base="saml:ConditionAbstractType">
+                <sequence>
+                    <element ref="del:Delegate" maxOccurs="unbounded"/>
+                </sequence>
+            </extension>
+        </complexContent>
+    </complexType>
+    <element name="Delegate" type="del:DelegateType"/>
+    <complexType name="DelegateType">
+        <choice>
+            <element ref="saml:BaseID"/>
+            <element ref="saml:NameID"/>
+            <element ref="saml:EncryptedID"/>
+        </choice>
+        <attribute name="DelegationInstant" type="dateTime" use="optional"/>
+        <attribute name="ConfirmationMethod" type="anyURI" use="optional"/>
+    </complexType>
+</schema>
diff --git a/schemas/sstc-saml-metadata-ext-query.xsd b/schemas/sstc-saml-metadata-ext-query.xsd
index 75b9fac..1e735a3 100644
--- a/schemas/sstc-saml-metadata-ext-query.xsd
+++ b/schemas/sstc-saml-metadata-ext-query.xsd
@@ -1,66 +1,66 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<schema 
-  targetNamespace="urn:oasis:names:tc:SAML:metadata:ext:query"
-  xmlns="http://www.w3.org/2001/XMLSchema"
-  xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
-  xmlns:query="urn:oasis:names:tc:SAML:metadata:ext:query"
-  elementFormDefault="unqualified"
-  attributeFormDefault="unqualified"
-  blockDefault="substitution"
-  version="2.0">
-
-  <annotation>
-    <documentation>
-      Document title: SAML Metadata Extension Schema for Query Requester
-      Document identifier: sstc-saml-metadata-ext-query.xsd
-      Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
-      Revision history:
-      V1.0 (February 2006):
-        Initial version.
-    </documentation>
-  </annotation>
-
-  <import namespace="urn:oasis:names:tc:SAML:2.0:metadata"
-    schemaLocation="saml-schema-metadata-2.0.xsd"/>
-
-  <complexType name="QueryDescriptorType" abstract="true">
-    <complexContent>
-      <extension base="md:RoleDescriptorType">
-        <sequence>
-          <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-        <attribute name="WantAssertionsSigned" type="boolean" use="optional"/>
-      </extension>
-    </complexContent>
-  </complexType>
-
-  <complexType name="AuthnQueryDescriptorType">
-    <complexContent>
-      <extension base="query:QueryDescriptorType"/>
-    </complexContent>
-  </complexType>
-
-  <complexType name="AttributeQueryDescriptorType">
-    <complexContent>
-      <extension base="query:QueryDescriptorType">
-        <sequence>
-          <element ref="md:AttributeConsumingService" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-      </extension>
-    </complexContent>
-  </complexType>
-
-  <element name="ActionNamespace" type="anyURI"/>
-    
-  <complexType name="AuthzDecisionQueryDescriptorType">
-    <complexContent>
-      <extension base="query:QueryDescriptorType">
-        <sequence>
-          <element ref="query:ActionNamespace" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-      </extension>
-    </complexContent>
-  </complexType>
-
-</schema>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<schema 
+  targetNamespace="urn:oasis:names:tc:SAML:metadata:ext:query"
+  xmlns="http://www.w3.org/2001/XMLSchema"
+  xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
+  xmlns:query="urn:oasis:names:tc:SAML:metadata:ext:query"
+  elementFormDefault="unqualified"
+  attributeFormDefault="unqualified"
+  blockDefault="substitution"
+  version="2.0">
+
+  <annotation>
+    <documentation>
+      Document title: SAML Metadata Extension Schema for Query Requester
+      Document identifier: sstc-saml-metadata-ext-query.xsd
+      Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
+      Revision history:
+      V1.0 (February 2006):
+        Initial version.
+    </documentation>
+  </annotation>
+
+  <import namespace="urn:oasis:names:tc:SAML:2.0:metadata"
+    schemaLocation="saml-schema-metadata-2.0.xsd"/>
+
+  <complexType name="QueryDescriptorType" abstract="true">
+    <complexContent>
+      <extension base="md:RoleDescriptorType">
+        <sequence>
+          <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
+        <attribute name="WantAssertionsSigned" type="boolean" use="optional"/>
+      </extension>
+    </complexContent>
+  </complexType>
+
+  <complexType name="AuthnQueryDescriptorType">
+    <complexContent>
+      <extension base="query:QueryDescriptorType"/>
+    </complexContent>
+  </complexType>
+
+  <complexType name="AttributeQueryDescriptorType">
+    <complexContent>
+      <extension base="query:QueryDescriptorType">
+        <sequence>
+          <element ref="md:AttributeConsumingService" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
+      </extension>
+    </complexContent>
+  </complexType>
+
+  <element name="ActionNamespace" type="anyURI"/>
+    
+  <complexType name="AuthzDecisionQueryDescriptorType">
+    <complexContent>
+      <extension base="query:QueryDescriptorType">
+        <sequence>
+          <element ref="query:ActionNamespace" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
+      </extension>
+    </complexContent>
+  </complexType>
+
+</schema>
diff --git a/schemas/sstc-saml-protocol-ext-thirdparty.xsd b/schemas/sstc-saml-protocol-ext-thirdparty.xsd
index 9358620..0e903cf 100644
--- a/schemas/sstc-saml-protocol-ext-thirdparty.xsd
+++ b/schemas/sstc-saml-protocol-ext-thirdparty.xsd
@@ -1,29 +1,29 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema 
-  targetNamespace="urn:oasis:names:tc:SAML:protocol:ext:third-party"
-  xmlns="http://www.w3.org/2001/XMLSchema"
-  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
-  elementFormDefault="unqualified"
-  attributeFormDefault="unqualified"
-  blockDefault="substitution"
-  version="2.0">
-
-  <annotation>
-    <documentation>
-      Document title: SAML Protocol Extension Schema for Third-Party Requests
-      Document identifier: sstc-saml-protocol-ext-thirdparty.xsd
-      Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
-      Revision history:
-      V1.0 (February 2006):
-        Initial version.
-    </documentation>
-  </annotation>
-
-  <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
-    schemaLocation="saml-schema-assertion-2.0.xsd"/>
-
-  <element name="RespondTo" type="saml:NameIDType"/>
-  
-  <attribute name="supportsRespondTo" type="boolean"/>
-
-</schema>
+<?xml version="1.0" encoding="UTF-8"?>
+<schema 
+  targetNamespace="urn:oasis:names:tc:SAML:protocol:ext:third-party"
+  xmlns="http://www.w3.org/2001/XMLSchema"
+  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+  elementFormDefault="unqualified"
+  attributeFormDefault="unqualified"
+  blockDefault="substitution"
+  version="2.0">
+
+  <annotation>
+    <documentation>
+      Document title: SAML Protocol Extension Schema for Third-Party Requests
+      Document identifier: sstc-saml-protocol-ext-thirdparty.xsd
+      Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
+      Revision history:
+      V1.0 (February 2006):
+        Initial version.
+    </documentation>
+  </annotation>
+
+  <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
+    schemaLocation="saml-schema-assertion-2.0.xsd"/>
+
+  <element name="RespondTo" type="saml:NameIDType"/>
+  
+  <attribute name="supportsRespondTo" type="boolean"/>
+
+</schema>
diff --git a/schemas/sstc-saml1x-metadata.xsd b/schemas/sstc-saml1x-metadata.xsd
index 569e25d..26969aa 100644
--- a/schemas/sstc-saml1x-metadata.xsd
+++ b/schemas/sstc-saml1x-metadata.xsd
@@ -1,25 +1,25 @@
-<schema
-    targetNamespace="urn:oasis:names:tc:SAML:profiles:v1metadata"
-    xmlns:saml1md="urn:oasis:names:tc:SAML:profiles:v1metadata"
-    xmlns="http://www.w3.org/2001/XMLSchema"
-    elementFormDefault="unqualified"
-    attributeFormDefault="unqualified"
-    blockDefault="substitution"
-    version="2.0">
-    <annotation>
-        <documentation>
-            Document identifier: sstc-saml1x-metadata
-            Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
-            Revision history:
-            V1.0 (July 2006):
-              Initial version.
-        </documentation>
-    </annotation>
-    <element name="SourceID">
-        <simpleType>
-            <restriction base="string">
-                <pattern value="[a-f0-9]{40}"/>
-            </restriction>
-        </simpleType>
-    </element>
-</schema>
+<schema
+    targetNamespace="urn:oasis:names:tc:SAML:profiles:v1metadata"
+    xmlns:saml1md="urn:oasis:names:tc:SAML:profiles:v1metadata"
+    xmlns="http://www.w3.org/2001/XMLSchema"
+    elementFormDefault="unqualified"
+    attributeFormDefault="unqualified"
+    blockDefault="substitution"
+    version="2.0">
+    <annotation>
+        <documentation>
+            Document identifier: sstc-saml1x-metadata
+            Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
+            Revision history:
+            V1.0 (July 2006):
+              Initial version.
+        </documentation>
+    </annotation>
+    <element name="SourceID">
+        <simpleType>
+            <restriction base="string">
+                <pattern value="[a-f0-9]{40}"/>
+            </restriction>
+        </simpleType>
+    </element>
+</schema>
-- 
2.1.4

