saml-dev message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Signature with HTTP Redirect Binding
- From: valerie.bauche@bull.net
- To: saml-dev@lists.oasis-open.org
- Date: Tue, 5 Jun 2007 15:06:57 +0200
The SAML binding documentation describe how to encode and sign a SAML message sent with HTTP Redirect Binding
My question is about signature :
I'm more familiar with XML Signature which usually includes the certificate (or public key) that can be used to verify the signature
But with HTTP-Redirect, I presume that certificate can't be send due to space concerns.
So how does the receiver knows the public key to be used to verifiy the signature ?
Does it have to maintain a list of all possible senders with their associated public key ?
Valérie
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]