OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [saml-dev] How does an artifact issuer "authenticate" the sender of the <ArtifactResolve> message?


 


> This is somewhat off-topic, but apropos for the question...I 
> continue to wonder how one can be confident in the sender of 
> a message based on a signature. That authenticates the 
> message, but not the sender, and it seems like in this case 
> moreso than many others in SAML, you *really* care about the 
> sender quite a lot.

Perhaps one of the things we should do in a future release is to
add an element in the assertion indicating how the assertion 
was to be delivered.  This would reduce the usefulness
of a MiTM getting an assertion as they could no longer use it 
in a non-artifact delivery. 

> You could "trust" that the client is doing TLS server-auth to 
> prevent a MitM, but that seems like a strange thing to do 
> from the server end to protect the dereferencing of the artifact.

I don't think it's just "trust".  In the typical case, the 
SP would be contractually obligated to use ServerAuth SSL and
they are the party who's resource is being accessed so they 
have a lot of incentive to do it right.

Conor


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]