[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Minutes for SSTC Telecon (18 Oct 2011)
On 10/18/11 1:07 PM, "Nguyenphu, Thinh (NSN - US/Irving)" <thinh.nguyenphu@nsn.com> wrote: > >- New security paper: Scott and Hall reported on new security >paper from Germany. New security paper published from Germany, which >identify potential SAML security risk. No, it identifies an XML Encryption issue. > The security paper, How to break >XML encryption, will be presented at ACM conference CCS 2011. The paper >documented some new techniques of attach SAML security assertion. Only indirectly. It says nothing about SAML. > It may >provides some recommendation to mitigate the problem. No, we have to provide recommendations in SAML to mitigate the issues with XML Encryption. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]