[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [Shib-Users] shib2 sp + unsigned slo messages
On 9. des.2008, at 02:04, Scott Cantor wrote: >> Is it possible to configure Shib 2.X SP to accept unsigned >> LogoutRequest >> messages? > > I can't think of any reason why you would want to, and I wouldn't > advise anybody to try, but in theory if you create a Security Policy > with a NullSecurity rule: Thanks... > I haven't ever tried it, and I wouldn't expect anybody to do so. > Signing is a MUST with POST or Redirect SLO messages. Yup, I know the profile doc says so. But I don't understand what threat you are protecting against when ensuring integrity of the LogoutRequest? (I moved the question to saml-dev@oasis, because this is no longer shib related.) -- Andreas Åkre Solberg =andreas http://rnd.feide.no
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]