[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] How does an artifact issuer "authenticate" the sender of the <ArtifactResolve> message?
> This is somewhat off-topic, but apropos for the question...I > continue to wonder how one can be confident in the sender of > a message based on a signature. That authenticates the > message, but not the sender, and it seems like in this case > moreso than many others in SAML, you *really* care about the > sender quite a lot. Perhaps one of the things we should do in a future release is to add an element in the assertion indicating how the assertion was to be delivered. This would reduce the usefulness of a MiTM getting an assertion as they could no longer use it in a non-artifact delivery. > You could "trust" that the client is doing TLS server-auth to > prevent a MitM, but that seems like a strange thing to do > from the server end to protect the dereferencing of the artifact. I don't think it's just "trust". In the typical case, the SP would be contractually obligated to use ServerAuth SSL and they are the party who's resource is being accessed so they have a lot of incentive to do it right. Conor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]