[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: signing and encryption requirements in metadata
SAML V2.0 metadata offers the following three attributes: IDPSSODescriptor/@WantAuthnRequestsSigned SPSSODescriptor/@AuthnRequestsSigned SPSSODescriptor/@WantAssertionsSigned Along these lines, the following might be useful: IDPSSODescriptor/@WantQueriesSigned AttributeAuthorityDescriptor/@WantQueriesSigned PDPDescriptor/@WantQueriesSigned Is there some reason these were omitted, or is it simply a matter of supporting the most commonly used profile (i.e., SSO)? Also, wouldn't it be useful if encryption requirements could be called out at the SP? SPSSODescriptor/@WantAssertionsEncrypted AttributeConsumingService/@WantAttributesEncrypted Was this ever discussed as the metadata spec was being developed? Thanks, Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]