The Shibboleth upgrade to version 5 is a major point upgrade to the software. To ensure a smooth upgrade, we are working with you to test and verify the successful completion of this upgrade via several steps - these steps include:

Starting in the AAF Test Environment,

1. Modifying any scripts and local metadata in preparation for the upgrade
2. Upgrading the Test IdP
3. Notifying you that your Test IdP instance has been upgraded
4. Requesting you to test the IdP using the AAF Attribute Validator
5.  Getting confirmation that everything is ok, or resolving any issues identified
6. Schedule a data and time for the production upgrade

Any required changes are made to the production IdP prior to upgrading on the requested date and time. The AAF Attribute Validator is again used to verify everything is working as expected.

As part of the version 5 upgrade, we are making some changes to your IdPs configuration so that it reflects changes made to the AAF Federation rules, which are:

• Use to the REFEDS Assurance Framework to determine the values provided in the eduPersonAssurance attribute
• Adding the SAMLSubjectID and SAMLPairwiseID attributes.

These changes will result in some changes to the values that are shown in the AAF Attribute Validator.

eduPersonAssurance

Initially no values will be provided. The old values have been deprecated and removed from the IdPs configuration as part of the upgrade. Expect to see an error Not Supplied (Required) showing. The new values will start appearing on completion of an assurance level review that begins with a questionnaire sent on the completion of the upgrade.

samlPairwiseID 

This is a scoped opaque value that is not reassign-able, targeted pseudonym for a subject (person).

samlSubjectID

This is a scoped value that is not reassign-able, non-targeted pseudonym for a subject (person).

smith@myuni.edu.au

When checking your AAF Attribute Validator results, look out for these expected changes to the values your IdP provides.