
saml-dev message



Subject: Encryption Question on Attribute Sharing Profile


Rick, hi. In several locations you talk about the following:
 
"MAY use a previously established symmetric key"
 
Can you elaborate on this? Do you mean:
 
- a symmetric key established out of band?
- a symmetric key that is present somewhere in the current xml msg (so only one EncryptionKey element is necessary for each SAML msg)?
- a symmetric key that was present in some previous SAML msg (could have been hours/days ago); hence placing a persistence requirement on the receiving service?
 
The next paragraph(s) talk about changing the symmetric key. Does this imply, if changed, it needs to be persisted by the receiving provider from now on? Or will the changed symmetric key be sent each time afterwards until it is changed out of band?
 
Thanks, Tom.

Thomas Wisniewski
Software Architect
Phone: (201) 891-0524
Cell: (201) 248-3668
 
Entrust®
Securing Digital Identities
& Information

 

