In 11.5.0 APM (Jan 2014) APM started to support SHA256 for SAML assertions.
424572APM SAML can now operate with other systems using either or both of these groups of algorithms: RSA-SHA256/RSA-SHA512 XML signature algorithms SHA256/SHA512 digest algorithms. It continues to sign its own SAML messages (AuthnRequests and Assertions) using RSA-SHA1.
Does APM still (in June 2016) use only SHA1 for SAML request signing and digests? In the F5 SAML AuthRequests we have http://www.w3.org/2000/09/xmldsigsha1" />
We have a major IdP no longer supporting SHA1, they want SHA256: http://www.w3.org/2001/04/xmlencsha256" />).
Are there plans for the SAML SHA256 signing and digests?