imi message

Subject: Re: [imi] Question regarding encryption

From: Mario Ivkovic <mario.ivkovic@a-sit.at>
To: imi@lists.oasis-open.org
Date: Mon, 07 Dec 2009 19:05:11 +0100

Scott Cantor schrieb:
> Mario Ivkovic wrote on 2009-12-07:
>> In my envisaged scenario the user would sign an RP defined message, add
>> it as an additional claim and transmit it to the IdP. The IdP adds the
>> users public key to the token and signs it. This can be seen as a HoK
> proof.
> 
> Or...just do HoK as it's already defined.

Yes, but we need this signed message anyway to prove the user's consent
(the affirmative statement story).

Btw. which selectors currently support HoK?

kind regards,

Mario




-- 

Mario Ivkovic
A-SIT, Secure Information Technology Center - Austria
Inffeldgasse 16a, A-8010 Graz, Austria
Tel.: +43 (316) 873-5528  Fax.: +43 (316) 873-105521
Mario.Ivkovic@a-sit.at

Follow-Ups:
- Re: [imi] Question regarding encryption
  - From: John Bradley <jbradley@mac.com>

References:
- [OASIS Issue Tracker] Created: (IMI-25) ic09:X509Principal andic09:X509SubjectAndIssuer introduced in locations that violate IMI 1.0schema
  - From: OASIS Issues Tracker <workgroup_mailer@lists.oasis-open.org>
- Question regarding encryption
  - From: Mario Ivkovic <mario.ivkovic@a-sit.at>
- Re: [imi] Question regarding encryption
  - From: John Bradley <jbradley@mac.com>
- Re: [imi] Question regarding encryption
  - From: Mario Ivkovic <mario.ivkovic@a-sit.at>
- Re: [imi] Question regarding encryption
  - From: John Bradley <jbradley@mac.com>
- Re: [imi] Question regarding encryption
  - From: John Bradley <jbradley@mac.com>
- RE: [imi] Question regarding encryption
  - From: "Scott Cantor" <cantor.2@osu.edu>