[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [imi] SAML 2 profile questions
John Bradley wrote: > I agree with Scott. If you want some sort of unsigned token it should > be a different token type. Or at least a different profile that I can take my name off of. > I think different signature methods should be supported rather than > limiting it to RSA sigs, but I believe that is allowed now. The specification is silent about it except where it discusses things like HoK, which is separate from this. > Scott, If as a issuer I wanted to use pre shared symmetric keys would > that be supported by this profile? Anything supported by SAML is supported by the profile, and SAML supports anything defined for XML Signature, which includes HMAC signatures. Of course, those aren't mandatory to implement at the moment, and lots of implementations wouldn't handle them. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]