mace-opensaml-users - RE: [OpenSAML] [OpenSAML2] Encryption for SAML1.1 assertions
Subject: OpenSAML user discussion
List archive
- From: "Pantvaidya, Vishwajit" <>
- To: "" <>
- Subject: RE: [OpenSAML] [OpenSAML2] Encryption for SAML1.1 assertions
- Date: Thu, 6 Nov 2008 19:12:12 -0800
- Accept-language: en-US
- Acceptlanguage: en-US
|
Thanks Nate. I had implemented some code that would
take care of decryption. But considering this – it looks like that code would
have to wait till the move to SAML2 happens. - Vish. From: Nate
Klingenstein [mailto:] Vishwajit, Unfortunately, or maybe lucky for you, SAML 1.1 doesn't support
encryption of assertions. http://en.wikipedia.org/wiki/SAML#SAML_building_blocks Take care, Nate. On 7 Nov 2008, at 02:54, Pantvaidya, Vishwajit wrote:
Does the SAML1.1 spec support
encryption of assertions – I mean as an implementer of the browser post profile
on the service provider (relying party) side, do I need to be prepared to
receive encrypted assertions? I could not see anything specific on this in the
core spec or in the security considerations. Also I do see that the SAML2
classes in OpenSAML2 have the EncryptedAssertion type. But I could not find the
SAML1 counterpart of that. |
- [OpenSAML2] Encryption for SAML1.1 assertions, Pantvaidya, Vishwajit, 11/06/2008
- Re: [OpenSAML] [OpenSAML2] Encryption for SAML1.1 assertions, Nate Klingenstein, 11/06/2008
- RE: [OpenSAML] [OpenSAML2] Encryption for SAML1.1 assertions, Pantvaidya, Vishwajit, 11/06/2008
- Re: [OpenSAML] [OpenSAML2] Encryption for SAML1.1 assertions, Nate Klingenstein, 11/06/2008
Archive powered by MHonArc 2.6.16.