[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [imi] Question regarding encryption
Mario Ivkovic wrote on 2009-12-07: > In my envisaged scenario the user would sign an RP defined message, add > it as an additional claim and transmit it to the IdP. The IdP adds the > users public key to the token and signs it. This can be seen as a HoK proof. Or...just do HoK as it's already defined. > The only problem is, that this is not possible with the current spec. All that's needed is an addition defining how to sign the message in which a token is submitted via form POST, which isn't terribly difficult to do. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]