From 8a23124a0bf23271ca0b01a959c6dab520b11162 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Tue, 6 Sep 2011 12:02:33 +0000
Subject: [PATCH] Document nameid.encryption.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2891 44740490-163a-0410-bde0-09ae8108e29a
---
 docs/simplesamlphp-reference-idp-hosted.txt | 6 ++++++
 docs/simplesamlphp-reference-idp-remote.txt | 8 ++++++++
 docs/simplesamlphp-reference-sp-remote.txt  | 8 ++++++++
 modules/saml/docs/sp.txt                    | 8 ++++++++
 4 files changed, 30 insertions(+)

diff --git a/docs/simplesamlphp-reference-idp-hosted.txt b/docs/simplesamlphp-reference-idp-hosted.txt
index 02bfcc3d8..08fa994aa 100644
--- a/docs/simplesamlphp-reference-idp-hosted.txt
+++ b/docs/simplesamlphp-reference-idp-hosted.txt
@@ -168,6 +168,12 @@ The following SAML 2.0 options are available:
     This certificate will be added to the generated metadata of the IdP,
     which is required by some SPs when using the HTTP-Artifact binding.
 
+`nameid.encryption`
+:   Whether NameIDs sent from this IdP should be encrypted. The default
+    value is `FALSE`.
+
+:   Note that this option can be set for each SP in the [SP-remote metadata](./simplesamlphp-reference-sp-remote).
+
 `SingleSignOnService`
 :   Override the default URL for the SingleSignOnService for this
     IdP. This is an absolute URL. The default value is
diff --git a/docs/simplesamlphp-reference-idp-remote.txt b/docs/simplesamlphp-reference-idp-remote.txt
index 0edad94e6..71478f112 100644
--- a/docs/simplesamlphp-reference-idp-remote.txt
+++ b/docs/simplesamlphp-reference-idp-remote.txt
@@ -101,6 +101,14 @@ SAML 2.0 options
 
 The following SAML 2.0 options are available:
 
+`nameid.encryption`
+:   Whether NameIDs sent to this IdP should be encrypted. The default
+    value is `FALSE`.
+
+:   Note that this option also exists in the SP configuration. This
+    entry in the IdP-remote metadata overrides the option in the
+    [SP configuration](./saml:sp).
+
 `saml2.relaxvalidation`
 :   Can be used to relax some parts of the validation of assertions received from this IdP. This is an array, and can include one or more of the following flags:
 
diff --git a/docs/simplesamlphp-reference-sp-remote.txt b/docs/simplesamlphp-reference-sp-remote.txt
index 7a5a841e6..20a6fda34 100644
--- a/docs/simplesamlphp-reference-sp-remote.txt
+++ b/docs/simplesamlphp-reference-sp-remote.txt
@@ -173,6 +173,14 @@ The following SAML 2.0 options are available:
     specified in the `simplesaml.nameidattribute`-option as the value
     of the ID.
 
+`nameid.encryption`
+:   Whether NameIDs sent to this SP should be encrypted. The default
+    value is `FALSE`.
+
+:   Note that this option also exists in the IdP-hosted metadata. This
+    entry in the SP-remote metadata overrides the option in the
+    [IdP-hosted metadata](./simplesamlphp-reference-idp-hosted).
+
 `SingleLogoutService`
 :   The URL of the SingleLogoutService endpoint for this SP.
     This option is required if you want to implement single logout for
diff --git a/modules/saml/docs/sp.txt b/modules/saml/docs/sp.txt
index 90b1f0dab..5e5c66a0c 100644
--- a/modules/saml/docs/sp.txt
+++ b/modules/saml/docs/sp.txt
@@ -216,6 +216,14 @@ Options
 
 :   *Note*: You must also specify at least one attribute in the `attributes` option for this element to be added to the metadata.
 
+`nameid.encryption`
+:   Whether NameIDs sent from this SP should be encrypted. The default
+    value is `FALSE`.
+
+:   Note that this option can be set for each IdP in the [IdP-remote metadata](./simplesamlphp-reference-idp-remote).
+
+:   *Note*: SAML 2 specific.
+
 `NameIDPolicy`
 :   The format of the NameID we request from the IdP.
     Defaults to the transient format if unspecified.
-- 
GitLab