diff --git a/docs/simplesamlphp-idp.txt b/docs/simplesamlphp-idp.txt index 4be6f07faa263c35101aa10af15255b2d4e6c73c..b246dec66149c2e50ac0c81e76cd3f5019fe62d0 100644 --- a/docs/simplesamlphp-idp.txt +++ b/docs/simplesamlphp-idp.txt @@ -154,7 +154,7 @@ The [interoperable SAML 2 profile](http://saml2int.org/profile/current) specifie We therefore recommended enabling this in new installations. This can be done by adding the following to the saml20-idp-hosted configuration: - 'AttributeNameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri', + 'attributes.NameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri', 'authproc' => array( // Convert LDAP names to oids. 100 => array('class' => 'core:AttributeMap', 'name2oid'), diff --git a/docs/simplesamlphp-reference-idp-hosted.txt b/docs/simplesamlphp-reference-idp-hosted.txt index 08fa994aa261c449ffb6f0178949632351853f5a..c4490b1a7ffe139a455d21cfeb1cc883d54e1025 100644 --- a/docs/simplesamlphp-reference-idp-hosted.txt +++ b/docs/simplesamlphp-reference-idp-hosted.txt @@ -133,7 +133,7 @@ The following SAML 2.0 options are available: : Note that this option can be set for each SP in the SP-remote metadata. -`AttributeNameFormat` +`attributes.NameFormat` : What value will be set in the Format field of attribute statements. This parameter can be configured multiple places, and the actual value used is fetched from metadata by the following @@ -163,6 +163,8 @@ The following SAML 2.0 options are available: any value in the SP-remote metadata overrides the one configured in the IdP metadata. +: (This option was previously named `AttributeNameFormat`.) + `https.certificate` : The certificate used by the webserver when handling connections. This certificate will be added to the generated metadata of the IdP, diff --git a/docs/simplesamlphp-reference-sp-remote.txt b/docs/simplesamlphp-reference-sp-remote.txt index a3d9c68c4593f0ada71444be70acd8b269e00470..bc15925352402a8ff97759dbc30f016f306ba769 100644 
--- a/docs/simplesamlphp-reference-sp-remote.txt +++ b/docs/simplesamlphp-reference-sp-remote.txt @@ -123,7 +123,7 @@ The following SAML 2.0 options are available: : The value of this option is specified in one of several [endpoint formats](./simplesamlphp-metadata-endpoints). -`AttributeNameFormat` +`attributes.NameFormat` : What value will be set in the Format field of attribute statements. This parameter can be configured multiple places, and the actual value used is fetched from metadata by the following @@ -153,6 +153,8 @@ The following SAML 2.0 options are available: entry in the SP-remote metadata overrides the option in the IdP-hosted metadata. +: (This option was previously named `AttributeNameFormat`.) + `ForceAuthn` : Set this `TRUE` to force the user to reauthenticate when the IdP receives authentication requests from this SP. The default is diff --git a/metadata-templates/saml20-idp-hosted.php b/metadata-templates/saml20-idp-hosted.php index a714a7ec2568f4e38785ef00e251979e3421630b..d470e9805104539a9d46f137d5d563fc348ef2bb 100644 --- a/metadata-templates/saml20-idp-hosted.php +++ b/metadata-templates/saml20-idp-hosted.php @@ -25,7 +25,7 @@ $metadata['__DYNAMIC:1__'] = array( /* Uncomment the following to use the uri NameFormat on attributes. */ /* - 'AttributeNameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri', + 'attributes.NameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri', 'authproc' => array( // Convert LDAP names to oids. 100 => array('class' => 'core:AttributeMap', 'name2oid'), diff --git a/modules/authX509/docs/authX509.txt b/modules/authX509/docs/authX509.txt index 91f21e36d86133fdc9a936b6745cfb9940f11828..4992e617f1edcb68b69a29a0a8893c2e0877cbe3 100644 --- a/modules/authX509/docs/authX509.txt +++ b/modules/authX509/docs/authX509.txt 
@@ -100,7 +100,7 @@ can hack your metadata/saml20-idp-hosted.php file that way:
 'authority' => 'login',
 'userid.attribute' => 'uid',
 'logouttype' => 'iframe',
- 'AttributeNameFormat' =>
+ 'attributes.NameFormat' =>
 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
 )
diff --git a/modules/core/docs/authproc_targetedid.txt b/modules/core/docs/authproc_targetedid.txt
index 72a482599ba9edcc40e4fd87f7e492b9f3f74403..f6cea7da7aff57475756832af03995d944d51ecf 100644
--- a/modules/core/docs/authproc_targetedid.txt
+++ b/modules/core/docs/authproc_targetedid.txt
@@ -56,7 +56,7 @@ Internet2 compatible `eduPersontargetedID`:
 'name2oid',
 ),
 ),
- 'AttributeNameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
+ 'attributes.NameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
 'attributeencodings' => array(
 'urn:oid:1.3.6.1.4.1.5923.1.1.1.10' => 'raw', /* eduPersonTargetedID with oid NameFormat. */
 ),
diff --git a/modules/saml/lib/IdP/SAML2.php b/modules/saml/lib/IdP/SAML2.php
index 0b64d0c5c2193770509767accec17747de3500b1..a7d04b3844c83a788fa62f0292572e6690412c22 100644
--- a/modules/saml/lib/IdP/SAML2.php
+++ b/modules/saml/lib/IdP/SAML2.php
@@ -621,6 +621,40 @@ class sspmod_saml_IdP_SAML2 {
 }
+ /**
+ * Determine which NameFormat we should use for attributes.
+ *
+ * @param SimpleSAML_Configuration $idpMetadata The metadata of the IdP.
+ * @param SimpleSAML_Configuration $spMetadata The metadata of the SP.
+ * @return string The NameFormat.
+ */
+ private static function getAttributeNameFormat(SimpleSAML_Configuration $idpMetadata, SimpleSAML_Configuration $spMetadata) {
+
+ /* Try SP metadata first. */
+ $attributeNameFormat = $spMetadata->getString('attributes.NameFormat', NULL);
+ if ($attributeNameFormat !== NULL) {
+ return $attributeNameFormat;
+ }
+ $attributeNameFormat = $spMetadata->getString('AttributeNameFormat', NULL);
+ if ($attributeNameFormat !== NULL) {
+ return $attributeNameFormat;
+ }
+
+ /* Look in IdP metadata. */
+ $attributeNameFormat = $idpMetadata->getString('attributes.NameFormat', NULL);
+ if ($attributeNameFormat !== NULL) {
+ return $attributeNameFormat;
+ }
+ $attributeNameFormat = $idpMetadata->getString('AttributeNameFormat', NULL);
+ if ($attributeNameFormat !== NULL) {
+ return $attributeNameFormat;
+ }
+
+ /* Default. */
+ return 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic';
+ }
+
+
 /**
 * Build an assertion based on information in the metadata.
 *
@@ -687,11 +721,7 @@ class sspmod_saml_IdP_SAML2 {
 /* Add attributes. */
 if ($spMetadata->getBoolean('simplesaml.attributes', TRUE)) {
- $attributeNameFormat = $spMetadata->getString('AttributeNameFormat', NULL);
- if ($attributeNameFormat === NULL) {
- $attributeNameFormat = $idpMetadata->getString('AttributeNameFormat',
- 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic');
- }
+ $attributeNameFormat = self::getAttributeNameFormat($idpMetadata, $spMetadata);
 $a->setAttributeNameFormat($attributeNameFormat);
 $attributes = self::encodeAttributes($idpMetadata, $spMetadata, $state['Attributes']);
 $a->setAttributes($attributes);
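Review bot: getAttributeNameFormat accepts the legacy `AttributeNameFormat` key as a silent fallback in both the SP and IdP branches, so an operator who keeps the old name never learns it is superseded even though the docs in this commit now describe it as "previously named"; log a deprecation warning on those two branches, e.g. `SimpleSAML_Logger::warning('Metadata option "AttributeNameFormat" is deprecated; use "attributes.NameFormat" instead.');`. The four near-identical lookups can also be folded into a single loop over `array($spMetadata, $idpMetadata)` that keeps the same precedence (SP before IdP, new key before legacy key), which makes that precedence visible in one place instead of four. The docblock should state that precedence explicitly, since it is the contract callers in the second hunk rely on.
```php
private static function getAttributeNameFormat(SimpleSAML_Configuration $idpMetadata, SimpleSAML_Configuration $spMetadata) {
    /* SP-remote metadata overrides IdP-hosted; the new key overrides the legacy one. */
    foreach (array($spMetadata, $idpMetadata) as $metadata) {
        $attributeNameFormat = $metadata->getString('attributes.NameFormat', NULL);
        if ($attributeNameFormat !== NULL) {
            return $attributeNameFormat;
        }
        $attributeNameFormat = $metadata->getString('AttributeNameFormat', NULL);
        if ($attributeNameFormat !== NULL) {
            SimpleSAML_Logger::warning('Metadata option "AttributeNameFormat" is deprecated; use "attributes.NameFormat" instead.');
            return $attributeNameFormat;
        }
    }

    /* Default. */
    return 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic';
}
```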