shibboleth-dev - RE: Tomcat and certificate validation for SSL

Subject: Shibboleth Developers

List archive

RE: Tomcat and certificate validation for SSL

From: "Scott Cantor" <>
To: <>
Cc: <>
Subject: RE: Tomcat and certificate validation for SSL
Date: Tue, 14 Jun 2005 17:05:14 -0400
Organization: The Ohio State University

> > There is no interoperable way to do the encryption
>
> what about just signing the Request then? and letting tls continue to
> handle the confidentiality? without client-auth, as the
> validation is done at the message level?

That's fine, but we still need replay detection. And what exactly have we
gained? Slowness? ;-)

-- Scott

RE: Tomcat and certificate validation for SSL, (continued)
- Re: Tomcat and certificate validation for SSL, Chad La Joie, 06/14/2005
  - Re: Tomcat and certificate validation for SSL, Alistair Young, 06/14/2005
    - RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
      - RE: Tomcat and certificate validation for SSL, Alistair Young, 06/14/2005
        
        RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
        
        RE: Tomcat and certificate validation for SSL, Alistair Young, 06/14/2005
        
        RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
        Re: Tomcat and certificate validation for SSL, Tom Scavo, 06/14/2005
        RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
  - Re: Tomcat and certificate validation for SSL, Tom Scavo, 06/14/2005
    - RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
      - Re: Tomcat and certificate validation for SSL, Tom Scavo, 06/14/2005
        
        RE: Tomcat and certificate validation for SSL, Scott Cantor, 06/14/2005
      - Re: Tomcat and certificate validation for SSL, Walter Hoehn, 06/14/2005
- RE: Tomcat and certificate validation for SSL, Wilcox, Mark, 06/14/2005

List archive

RE: Tomcat and certificate validation for SSL