
shibboleth-dev - RE: Shib 2 IdP, problem encrypting assertion



  • From: "Scott Cantor" <>
  • To: <>
  • Subject: RE: Shib 2 IdP, problem encrypting assertion
  • Date: Wed, 5 Dec 2007 11:15:31 -0500
  • Organization: The Ohio State University

> This is technically still true, but it does catch the exception that
> gets thrown due to a null KEK credential parameter. Question is: what
> should we do if the IdP config indicates to do encryption, but the
> recipient doesn't have an encryption key published? Should that be a
> fatal error, or should the IdP just log it and proceed without doing the
> encryption? The latter seems more correct to me, especially since we
> typically will just have a single default security policy for all
> relying parties. I seem to remember us discussing that at some point.

It was concluded in San Diego that we should not send it in cleartext if
we're told to encrypt it.

Alternatively, we'll need to have a multi-setting that can cover "off", "if
possible", and "required".

I also think both front and back channel should be controllable
independently. I have that ability, but not the former right now.

-- Scott
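The three-way setting Scott describes, worked through in code as an added example that is not Shibboleth IdP code and not part of this thread: it pulls the recipient's encryption key out of SAML 2.0 metadata (a KeyDescriptor with use="encryption", or with no use attribute, may be used for encryption; use="signing" may not) and then applies "off", "if possible" or "required", failing rather than falling back to cleartext in the "required" case. The setting names ("off", "ifPossible", "required"), the per-channel policy dict and the sample metadata are all assumptions constructed for illustration.

```python
"""Encryption policy resolution for a SAML IdP, modelled after the three-way
setting discussed above.  Added example, not Shibboleth IdP code: the setting
names ("off", "ifPossible", "required"), the per-channel policy dict and the
sample metadata below are all assumptions constructed for illustration."""
import xml.etree.ElementTree as ET

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
DS_NS = "http://www.w3.org/2000/09/xmldsig#"

# Constructed SAML 2.0 metadata: one SP publishes a key with no "use"
# attribute (usable for both signing and encryption); the other publishes a
# signing-only key, so there is no KEK to encrypt an assertion for it.
SAMPLE_METADATA = f"""<md:EntitiesDescriptor xmlns:md="{MD_NS}" xmlns:ds="{DS_NS}">
  <md:EntityDescriptor entityID="https://sp-enc.example.org/shibboleth">
    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
      <md:KeyDescriptor>
        <ds:KeyInfo><ds:X509Data>
          <ds:X509Certificate>ENCCERTBASE64</ds:X509Certificate>
        </ds:X509Data></ds:KeyInfo>
      </md:KeyDescriptor>
    </md:SPSSODescriptor>
  </md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://sp-sign.example.org/shibboleth">
    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
      <md:KeyDescriptor use="signing">
        <ds:KeyInfo><ds:X509Data>
          <ds:X509Certificate>SIGCERTBASE64</ds:X509Certificate>
        </ds:X509Data></ds:KeyInfo>
      </md:KeyDescriptor>
    </md:SPSSODescriptor>
  </md:EntityDescriptor>
</md:EntitiesDescriptor>
"""


class EncryptionPolicyError(Exception):
    """Raised when encryption is required but the recipient has no encryption key."""


def encryption_certs(metadata_xml, entity_id):
    """Return the certificates entity_id publishes for encryption.

    Per the SAML 2.0 metadata spec a KeyDescriptor with use="encryption", or
    with no use attribute at all, may be used for encryption; use="signing"
    may not, so such keys are skipped."""
    root = ET.fromstring(metadata_xml)
    certs = []
    for ed in root.iter(f"{{{MD_NS}}}EntityDescriptor"):
        if ed.get("entityID") != entity_id:
            continue
        for kd in ed.iter(f"{{{MD_NS}}}KeyDescriptor"):
            if kd.get("use") not in (None, "encryption"):
                continue
            for cert in kd.iter(f"{{{DS_NS}}}X509Certificate"):
                certs.append(cert.text.strip())
    return certs


def decide(setting, certs):
    """Map a setting and the recipient's encryption certs to an action.

    "off"        -> never encrypt
    "ifPossible" -> encrypt when a key is published, else send in cleartext
    "required"   -> encrypt, and fail rather than fall back to cleartext
    """
    if setting == "off":
        return "cleartext"
    if setting not in ("ifPossible", "required"):
        raise ValueError(f"unknown encryption setting {setting!r}")
    if certs:
        return "encrypt"
    if setting == "ifPossible":
        return "cleartext"
    raise EncryptionPolicyError("encryption required but recipient publishes no encryption key")


def decide_for_channel(policy, channel, metadata_xml, entity_id):
    """Apply an independent front- or back-channel setting (hypothetical
    policy shape: {"front": ..., "back": ...}) to one relying party."""
    return decide(policy[channel], encryption_certs(metadata_xml, entity_id))


if __name__ == "__main__":
    policy = {"front": "required", "back": "ifPossible"}
    for sp in ("https://sp-enc.example.org/shibboleth", "https://sp-sign.example.org/shibboleth"):
        for channel in policy:
            try:
                print(sp, channel, decide_for_channel(policy, channel, SAMPLE_METADATA, sp))
            except EncryptionPolicyError as exc:
                print(sp, channel, "ERROR:", exc)
```

The point of the "required" branch is that a missing KEK is surfaced as an error before the assertion is built, so a single default policy shared by all relying parties can never quietly downgrade to cleartext for an SP that forgot to publish an encryption key; "ifPossible" is the explicit opt-in to that downgrade.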




