mace-opensaml-users - RE: [OpenSAML] Testing SAML relying party browser post profile

Subject: OpenSAML user discussion

List archive

RE: [OpenSAML] Testing SAML relying party browser post profile

From: "Scott Cantor" <>
To: <>
Subject: RE: [OpenSAML] Testing SAML relying party browser post profile
Date: Mon, 10 Nov 2008 21:13:40 -0500
Organization: The Ohio State University

> [Pantvaidya, Vishwajit] So what you mean is that even with SAML2.0 there
is
> no way to use secret keys?

Yes, it's allowed.

> [Pantvaidya, Vishwajit] Just to understand this, why not just encrypt with
> the public key? Does this provide any additional level of security (though
I
> cannot imagine how).

RSA encryption is many times as expensive. You never bulk encrypt with RSA.

-- Scott

Re: [OpenSAML] Testing SAML relying party browser post profile, Pantvaidya, Vishwajit, 11/07/2008
- Re: [OpenSAML] Testing SAML relying party browser post profile, Brent Putman, 11/07/2008
- <Possible follow-up(s)>
- Re: [OpenSAML] Testing SAML relying party browser post profile, Pantvaidya, Vishwajit, 11/07/2008
  - RE: [OpenSAML] Testing SAML relying party browser post profile, Pantvaidya, Vishwajit, 11/10/2008
    - Re: [OpenSAML] Testing SAML relying party browser post profile, Brent Putman, 11/10/2008
      - RE: [OpenSAML] Testing SAML relying party browser post profile, Pantvaidya, Vishwajit, 11/10/2008
        
        RE: [OpenSAML] Testing SAML relying party browser post profile, Scott Cantor, 11/10/2008
        
        Re: [OpenSAML] Testing SAML relying party browser post profile, Brent Putman, 11/10/2008
        
        RE: [OpenSAML] Testing SAML relying party browser post profile, Pantvaidya, Vishwajit, 11/10/2008
        
        Re: [OpenSAML] Testing SAML relying party browser post profile, Brent Putman, 11/10/2008

List archive

RE: [OpenSAML] Testing SAML relying party browser post profile