saml-dev message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: question on Holder fo the key
- From: swu@axolotl.com
- To: saml-dev@lists.oasis-open.org <saml-dev@lists.oasis-open.org>
- Date: Mon, 23 May 2011 15:12:54 -0700
Sorry to bother you guys, one of our client
is using HOK and do not send any x509 certificate, I know OASIS spec requires
that for HOK
but our client do not wish to distribute
x509 certificate and thinks the trust relationship is sufficient at SSL
mutual auth level (sigh...)
my question would be, for SAML assertion
(within WSS SOAP), including a pub key in the following, does it satisfy
the spec ?
(I do realize this destroy the trust
model with out x509 certificate, is there thing on the spec that will help
me ?)
<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
<saml2:SubjectConfirmationData>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>j0kqRj2nbkLawco4sakRS5+s.......Vd38WmCsNr+B06UQeCEM=</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</saml2:SubjectConfirmationData>
</saml2:SubjectConfirmation>
thank you very much !!!
Stephen
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]