
mace-opensaml-users - Re: [OpenSAML] Question related to Sharing same private key

Subject: OpenSAML user discussion

  • From: rangeli nepal <>
  • To:
  • Subject: Re: [OpenSAML] Question related to Sharing same private key
  • Date: Tue, 3 May 2011 17:21:26 -0400

I think this will defeat the purpose of asymmetric key encryption.
Just my one penny.
Santos

On Tue, May 3, 2011 at 4:28 PM, shri kanth s
<>
wrote:
> Hi,
>
>      I just had a question related to signing SAML Messages using OpenSaml.
>
> We are an IDP provider and there are several vendors who use IDP services.
> When a message is initiated from IDP, IDP signs the message using a private
> key and the requestor in question validates it using the public key provided
> to them. When the ServiceProvider posts the SAML message, they will sign
> using a private key and the IDP/other Service provider verifies the message
> using a public key.
>
> My question relates to
>
> 1) Can we use the same keystore at the IDP as well as at the service provider
> end? Which ideally means sharing the same private and public key. What are
> the security implications you can foresee in this scenario?
>
>
>
> Thanks,
>
>
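
The scenario asked about above, as an added example that is not part of the thread and not OpenSAML code: it uses plain java.security signatures over a constructed assertion string (no XML signature processing), and all names and URLs are assumptions. It compares a keystore shared between IdP and service provider with separate keystores, checking each signature against the key a relying party trusts as the IdP's.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;

public class SharedKeystoreDemo {
    static byte[] sign(PrivateKey key, String msg) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(msg.getBytes(StandardCharsets.UTF_8));
        return s.sign();
    }

    static boolean verify(PublicKey key, String msg, byte[] sig) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(key);
        s.update(msg.getBytes(StandardCharsets.UTF_8));
        return s.verify(sig);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        // Constructed stand-in for a serialized assertion naming the IdP as issuer.
        String assertion = "<Assertion><Issuer>https://idp.example.org</Issuer>"
                + "<Subject>alice</Subject></Assertion>";

        // Shared keystore: the IdP and the service provider hold the same key pair.
        KeyPair shared = gen.generateKeyPair();
        PrivateKey spCopyOfKey = shared.getPrivate();   // the copy deployed at the SP
        PublicKey idpTrustAnchor = shared.getPublic();  // what relying parties trust as the IdP
        byte[] madeAtSp = sign(spCopyOfKey, assertion);
        System.out.println("shared keystore, signed at SP, checked as IdP: "
                + verify(idpTrustAnchor, assertion, madeAtSp));

        // Separate keystores: each party generates and keeps its own private key.
        KeyPair idpKeys = gen.generateKeyPair();
        KeyPair spKeys = gen.generateKeyPair();
        byte[] madeAtSpOwnKey = sign(spKeys.getPrivate(), assertion);
        System.out.println("separate keystores, signed at SP, checked as IdP: "
                + verify(idpKeys.getPublic(), assertion, madeAtSpOwnKey));
        System.out.println("separate keystores, signed at IdP, checked as IdP: "
                + verify(idpKeys.getPublic(), assertion, sign(idpKeys.getPrivate(), assertion)));
    }
}
```

With one shared key pair, a valid signature only proves that some holder of the keystore signed the message, so the verifier cannot attribute it to the IdP specifically.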
