Add reference for encryption key.
authorcantor <cantor@cb58f699-b61c-0410-a6fe-9272a202ed29>
Sun, 19 Aug 2007 22:23:30 +0000 (22:23 +0000)
committercantor <cantor@cb58f699-b61c-0410-a6fe-9272a202ed29>
Sun, 19 Aug 2007 22:23:30 +0000 (22:23 +0000)
git-svn-id: https://svn.middleware.georgetown.edu/cpp-sp/trunk@2434 cb58f699-b61c-0410-a6fe-9272a202ed29

configs/example-metadata.xml.in

index 51c1bd6..c4f627f 100644 (file)
@@ -68,7 +68,7 @@
                        may provide specific guidance on this.
                        -->
                        <KeyDescriptor use="signing">
-                           <ds:KeyInfo>
+                           <ds:KeyInfo Id="examplekey">
                                <ds:X509Data>
                                        <ds:X509Certificate>
 MIICkjCCAfugAwIBAgIJAK7VCxPsh8yrMA0GCSqGSIb3DQEBBAUAMDsxCzAJBgNV
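Review bot: The new `Id="examplekey"` on `<ds:KeyInfo>` is a fixed value in a template file, and nothing near it tells operators that it must stay unique. The attribute is of type xs:ID, so if this entity is copied or merged into a larger metadata document that already contains the same Id, the document stops being schema-valid and the same-document reference added in the next hunk becomes ambiguous. I would add a short comment above the descriptor, for example `<!-- The Id must be unique within the whole metadata document; change it if this entity is merged into an aggregate. -->`. The explanatory comment that precedes the descriptor starts outside this hunk, so it may already cover part of this.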
@@ -90,6 +90,13 @@ w14fpgtAk2x8xD7cpHsZ073JHxEcjEetD8PTtrFdNu6GwIrv6Sk=
                            </ds:KeyInfo>
                        </KeyDescriptor>
 
+                       <!-- Reusing a single key for encryption can be done with a reference to it. -->
+                   <KeyDescriptor use="encryption">
+                               <ds:KeyInfo>
+                                       <ds:RetrievalMethod URI="#examplekey" Type="http://www.w3.org/2000/09/xmldsig#X509Data"/>
+                               </ds:KeyInfo>
+                   </KeyDescriptor>
+
                        <!-- This tells SPs where/how to resolve SAML 1.x artifacts into SAML assertions. -->
                        <ArtifactResolutionService index="1"
                                Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
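Review bot: The `ds:RetrievalMethod` on the added line declares `Type="http://www.w3.org/2000/09/xmldsig#X509Data"`, but `URI="#examplekey"` points at the `ds:KeyInfo` element that received the Id in the first hunk, not at a `ds:X509Data` element. A consumer that checks the dereferenced node against the declared Type may fail to resolve the encryption key, and a relying party that cannot find it may reject the entity or be unable to encrypt to it. Since `ds:X509Data` carries no Id attribute in the XML Signature schema, the safer example is probably a single `<KeyDescriptor>` with no `use` attribute, which SAML 2.0 metadata treats as valid for both signing and encryption; if the reference form is kept, it is worth testing against the consumers this file is meant for. The comment could also state the trade-off, for example `<!-- Reusing the signing key for encryption means a compromise or rollover of this key affects both uses. -->`. Separately, the added `<KeyDescriptor use="encryption">` lines are indented differently from the sibling `<KeyDescriptor use="signing">` and from the comment above them.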