[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] SAML2.0 SSO & identity management
The thought behind encrypted was that the IdP would choose whether or not the ID is encrypted depending upon the channel through which the assertion was delivered to the consuming party. This came about because of one of Liberty's web services invocation models where an assertion is delivered to party A to be delivered to party B through a web service invocation and the encrypted ID was used by the IdP to prevent party A from learning the ID for the user at party B.Hi thanks,The other thing strange (to me anyway) (also looking at 2136)is that the NameIDPolicy format has persistent/transient/encrypted and etc..This means I can either have a persistent ID or an encrypted ID in the resulting Assertions, which I think one shouldn't preclude the other.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]