OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

imi message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Question regarding encryption

Hi all,

I've a question regarding encryption and privacy. Maybe this has been already discussed and I missed it.


A security token issued by an IdP is - if the IdP knows the certificate of the RP - encrypted with the RP's public key.

But if for some reasons the user doesn't want that the IdP knows the RP but still wants encryption this cannot be done. 
Is it possible to encrypt the token with a public key belonging to the user (card selector)? The user then decrypts the 
token, verifies it, and then encrypts it again with the RP's public key.

kind regards,

Mario

-- 

DI Mario Ivkovic
A-SIT, Secure Information Technology Center - Austria
Inffeldgasse 16a, A-8010 Graz, Austria
Tel.: +43 (316) 873-5528  Fax.: +43 (316) 873-105521
Mario.Ivkovic@a-sit.at

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]