shibboleth-dev - Re: Encryption key strategies

Subject: Shibboleth Developers

List archive

Re: Encryption key strategies

From: "Tom Scavo" <>
To:
Subject: Re: Encryption key strategies
Date: Thu, 22 Jun 2006 08:34:12 -0400
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=GI1unxVd5PCDF9jXBIiukN9QwY6MHJkVghNhshwoiTo1vESmamDZeUF0xpvrYD9cpWbvDBeNOFyRndpz4fjqTbccWL/IgIMC/GOHEPdGcgZZjzfJiis9e1MdARZZ63adIzMVEMAgKlRkUYs/VVpU2W4yW2KhxJnHocJC9NKdL9E=

On 6/22/06, Scott Cantor
<>
wrote:

I asked around a little and determined that in SAML (or Liberty) land,
nobody's pushing much beyond per-message keys.

Is it reasonable to extend this beyond a single message and think
about per-transaction keys? The responder, for example, might reuse a
symmetric key in the request to encrypt a portion of the response.
For example, the responder might reuse a key that was used to encrypt
the NameID in the request to encrypt an assertion in the response.

Tom

Encryption key strategies, Scott Cantor, 06/21/2006
- Re: Encryption key strategies, Jim Fox, 06/22/2006
  - RE: Encryption key strategies, Scott Cantor, 06/22/2006
    - Re: Encryption key strategies, Tom Scavo, 06/22/2006
      - Re: Encryption key strategies, Chad La Joie, 06/22/2006
        
        Re: Encryption key strategies, Tom Scavo, 06/22/2006
        
        Re: Encryption key strategies, Chad La Joie, 06/22/2006
        
        Re: Encryption key strategies, Tom Scavo, 06/22/2006
        Re: Encryption key strategies, Chad La Joie, 06/22/2006
        Re: Encryption key strategies, Tom Scavo, 06/22/2006
        RE: Encryption key strategies, Scott Cantor, 06/22/2006
        Re: Encryption key strategies, Tom Scavo, 06/22/2006
        RE: Encryption key strategies, Scott Cantor, 06/22/2006
        RE: Encryption key strategies, Jim Fox, 06/22/2006

List archive

Re: Encryption key strategies