[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] SAML Token Brainstorming
As discussed on the call, we should discuss how encryption should be integrated with the SAML token profile. I agree that a key in or referenced from a (holder-of-key) assertion could be used in the same manner that a key in an x509 cert was used in our encryption scenarios. <Prateek> Regrettably, I missed this discussion but here is my guess: the key found in the holder-of-key assertion is used to encrypt a (generated) symmetric key, which in turn is used to encrypt the body. Can you confirm that this is the case of interest? </Prateek>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]