Hello.
I would like to ask one question if possible.
Namely, how can and IdP protect against DOS attacks,
by restricting allowed authentication requests from certain
SP's, when an attacker can easily spoof IP addresses? --
i.e. is there another way, to limit the set of SP's that can initiate user authentication with the IdP? (I don't look at the cases hen one can use IPSec, in order to prevent spoofing IP addresses-- that's one answer I guess, but I wonder if there are other ways as well).
Thank
you.
Kind Regards,
Giorgi.