Subject: Re: [saml-dev] role of public key in encrypted assertion


On 11/3/12 9:36 PM, "Peter Schober" <peter.schober@univie.ac.at> wrote:

>This message (that's all of it) seems to imply that the incriminated key
>at:
>/Response/EncryptedAssertion/xenc:EncryptedData/ds:KeyInfo/xenc:EncryptedKey/ds:KeyInfo/ds:X509Data/ds:X509Certificate
>should be the IdP's public key.

Nope.

>From glancing over XMLenc (section 3.5.1) and section 3.2.2 of the old
>"SAML Implementation Guidelines" (returned by $searchengine) I
>conclude that the SP's public key is included in order to inform the
>SP which of its keys had been used to encrypt the payload (encryption
>key).

Yep.

>Furthermore my guess is that the SP's tech-c (writing the above to me)
>is mistaken and thinks of (unencrypted) XMLsig, where it would make
>sense to include the issuer's public key in order to aid the SP in
>verifying the issuer's signature.

They'd both be there most likely, but in different places in the message.
If the response weren't signed, then the IdP's key wouldn't appear anywhere
until the encrypted assertion was decrypted. If it were signed, then both would
be visible prior to decryption.

-- Scott
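As an added example (not code from this thread): a small Python checker that reports where X.509 certificates sit in a SAML 2.0 Response, so an operator can tell the IdP's signing certificate under ds:Signature/ds:KeyInfo apart from the SP's encryption certificate under xenc:EncryptedKey/ds:KeyInfo, as discussed above. The Response and the certificate values are constructed placeholders.

```python
# Added example, not from the mailing-list thread. Walks a SAML 2.0 Response and
# reports which certificate appears in the Signature KeyInfo (the issuer/IdP's)
# and which appears in the EncryptedKey KeyInfo (the recipient/SP's).
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
}

# Constructed, minimal Response: signed by the IdP, assertion encrypted to the SP.
# All certificate and cipher values are placeholders, not real material.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" ID="_r1" Version="2.0">
  <saml:Issuer>https://idp.example.org/idp</saml:Issuer>
  <ds:Signature>
    <ds:SignatureValue>PLACEHOLDER-SIG</ds:SignatureValue>
    <ds:KeyInfo><ds:X509Data><ds:X509Certificate>IDP-CERT-PLACEHOLDER</ds:X509Certificate></ds:X509Data></ds:KeyInfo>
  </ds:Signature>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element">
      <ds:KeyInfo>
        <xenc:EncryptedKey>
          <ds:KeyInfo><ds:X509Data><ds:X509Certificate>SP-CERT-PLACEHOLDER</ds:X509Certificate></ds:X509Data></ds:KeyInfo>
          <xenc:CipherData><xenc:CipherValue>PLACEHOLDER-WRAPPED-KEY</xenc:CipherValue></xenc:CipherData>
        </xenc:EncryptedKey>
      </ds:KeyInfo>
      <xenc:CipherData><xenc:CipherValue>PLACEHOLDER-CIPHERTEXT</xenc:CipherValue></xenc:CipherData>
    </xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>"""


def locate_certificates(xml_text):
    """Return {'signing': [...], 'encryption': [...]} with the certificate text
    found in the Response's Signature KeyInfo and in the EncryptedKey KeyInfo."""
    root = ET.fromstring(xml_text)

    def certs(path):
        return [c.text.strip() for c in root.findall(path, NS) if c.text]

    return {
        "signing": certs("ds:Signature/ds:KeyInfo/ds:X509Data/ds:X509Certificate"),
        "encryption": certs(".//saml:EncryptedAssertion/xenc:EncryptedData/ds:KeyInfo/"
                            "xenc:EncryptedKey/ds:KeyInfo/ds:X509Data/ds:X509Certificate"),
    }


if __name__ == "__main__":
    for role, found in locate_certificates(SAMPLE_RESPONSE).items():
        print(role, found)
```

An empty "signing" list with a populated "encryption" list is the unsigned-Response case: only the SP's key is visible before decryption.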