shibboleth-dev - RE: Tomcat and certificate validation for SSL
Subject: Shibboleth Developers
List archive
- From: "Scott Cantor" <>
- To: <>
- Cc: <>
- Subject: RE: Tomcat and certificate validation for SSL
- Date: Tue, 14 Jun 2005 16:33:48 -0400
- Organization: The Ohio State University
> Perhaps I'm not understanding the problem enough (probably) but would it
> help if the SP signed SAML Requests? Then it's client cert ends up in the
> SAML request and can be extracted by the AA and validated. TLS can still
> handle the wire, though it too could be binned if message-level encryption
> was used.
There is no interoperable way to do the encryption until 2.0, and we'd also
have to add replay detection/caching to prevent replay attacks.
-- Scott
- Re: Tomcat and certificate validation for SSL, (continued)
- Re: Tomcat and certificate validation for SSL, Tom Scavo, 06/14/2005
- Re: Tomcat and certificate validation for SSL, Chad La Joie, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Howard Gilbert, 06/14/2005
- Re: Tomcat and certificate validation for SSL, Chad La Joie, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Howard Gilbert, 06/14/2005
- Re: Tomcat and certificate validation for SSL, Chad La Joie, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
- Re: Tomcat and certificate validation for SSL, Chad La Joie, 06/14/2005
- Re: Tomcat and certificate validation for SSL, Tom Scavo, 06/14/2005
- Re: Tomcat and certificate validation for SSL, Alistair Young, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Alistair Young, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Alistair Young, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
- Re: Tomcat and certificate validation for SSL, Tom Scavo, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Alistair Young, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Alistair Young, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
- Re: Tomcat and certificate validation for SSL, Tom Scavo, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
- Re: Tomcat and certificate validation for SSL, Tom Scavo, 06/14/2005
Archive powered by MHonArc 2.6.16.