shibboleth-dev - HTTP POST 'NoXMLdsig' Binding
Subject: Shibboleth Developers
- From: "Tom Scavo"
- To: "Shibboleth Development"
- Subject: HTTP POST 'NoXMLdsig' Binding
- Date: Tue, 13 Jun 2006 09:16:50 -0400
----------------------------------------------------------------------
SAMLv2: HTTP POST 'NoXMLdsig' Binding
Jeff Hodges and Scott Cantor (eds), Draft Contributed to OASIS SSTC
The HTTP POST binding, defined in "Bindings for the OASIS Security
Assertion Markup Language (SAML) V2.0.", defines a mechanism by which
SAML protocol messages may be transmitted within the base64-encoded
content of an HTML form control. When using that binding, SAML protocol
messages and/or SAML assertions are signed using XML Signature, which
is an XML-aware, XML-based, invasive digital signature paradigm
necessitating canonicalization of the signature target. This document
specifies an alternative HTTP POST binding where the conveyed SAML
protocol messages, and their content -- i.e. any conveyed SAML
assertions -- are signed as simple 'blobs' ('binary large objects',
aka binary octet strings). This binding MAY be composed with the HTTP
Redirect binding and the HTTP Artifact binding to transmit request and
response messages in a single protocol exchange using two different
bindings.
http://xml.coverpages.org/saml.html#hodgesNoXMLDSIG00
See also the SSTC web site: http://www.oasis-open.org/committees/security/
----------------------------------------------------------------------