OpenSAML user discussion

[Derek Atkins <>]

Quoting Scott Cantor 
<>:

> > Relace Kerberos Ticket by SAML Assertion may not feasible. Ok, but using 
> > publickey is really slow down performce of the system. And I really like
> > the  security model of Kerberos with the use of symmetric key. I 
> > will think about defining the format of Kerberos based on XML.
> 
> SAML has no notion of public key or anything else. If your confirmation or
> HMAC key is symmetric, than there's no PKI involved.

How do you do your symmetric key exchange?  In particular, how do you get the
shared secret between the subject (the user) and the SP (the service)?

> -- Scott

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       

                        PGP key available