[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Trust in artifact resolution
Section 5.4.2 ("<ArtifactResponse> Usage") of SAML2Profiles states that "The responder MUST authenticate itself to the requester and ensure message integrity, either by signing the message or using a binding-specific mechanism". I'm curious about the requirement to authenticate to the responder. For example, imagine an SAML artifact format that carried a hash of the SAML message. The requester could verify post hoc that the resolved assertion was genuine by calculating the hash and matching this value to the value in the artifact. This isn't authentication, but it provides the evidence that the requester needs (that it has obtained the SAML message from the same place it obtained the artifact). If a binding where to use this mechanism, would this violate the requirement set out above? josh.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]