
shibboleth-dev - Re: Holder of key - help!

List: Shibboleth Developers (shibboleth-dev) archive


  • From: Scott Cantor <>
  • Cc: Josh Howlett <>
  • Subject: Re: Holder of key - help!
  • Date: Tue, 08 Jan 2008 20:12:22 -0500

Josh Howlett wrote:
> I have read SAML 2.0 Profiles Section 3.1 (which makes little sense to
> me) and the relevant text at
> https://spaces.internet2.edu/display/SHIB/SubjectConfirmation (which
> makes considerably more sense).

It probably won't surprise you that I wanted something like that to be the text in section 3.1.

> How does the issuer know the client's public key?

Out of scope.

> How does the Relying Party, in possession of the client's public key,
> use it to validate the client?

The assertion's delivery is also out of scope. If it's done in a manner that permits a signature or transport binding based on the key, that's your proof. An example would be a WS-Security header containing the assertion and a signature binding the assertion to the message body. Another would be TLS.

> I sense that this is intended as a means of binding the issuer's
> assertion to a PKI shared by the issuer, client and relying party -
> which sounds cool.

Well, sometimes it's to bridge from a PKI that includes users (of which there are exactly none that federate) to a PKI that only includes the issuers and relying parties (of which there are at least some that sort of federate). It's a bridging mechanism.

It also is usable as a delegation mechanism. You can issue assertions about a user based on a server's key, and the server is then able to act as the user in some fashion for a limited amount of time.

> However, I fail to understand the mechanics of how
> this is achieved. Any help/pointers/etc would be greatly appreciated.

I would suggest reading the Liberty WSF secmech document and the SAML profile document there if you want to see it used in practice.

-- Scott
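The relying-party side of what the reply describes, as an added example that is not part of the original thread and not Shibboleth's own code: the transport (TLS client authentication, or a WS-Security signature binding the assertion to the message body) is what proves the presenter holds the private key; the relying party's remaining job is to confirm that the key the transport authenticated is the one the issuer named in the assertion's holder-of-key SubjectConfirmation. The names `PresenterKey`, `confirm_holder_of_key` and `sample_assertion`, the sample assertion and the certificate byte strings are all constructed for this example; a real deployment would take `cert_der` from the TLS client certificate or the WS-Security signing certificate, and would validate the assertion's own signature first.

```python
"""Relying-party check of a SAML 2.0 holder-of-key SubjectConfirmation.

Added example; not code from Shibboleth or from the thread. Assumes the
transport has ALREADY proved that the presenter holds the private key and
hands over the presenter's certificate (DER) or RSA public key. Signature
validation of the assertion itself is a separate, prior step not shown here.
"""
import base64
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional, Tuple

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
HOK = "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"


@dataclass(frozen=True)
class PresenterKey:
    """The key the transport proved possession of; set one of the two forms."""
    cert_der: Optional[bytes] = None     # TLS client certificate, DER encoded
    rsa_modulus: Optional[bytes] = None  # big-endian integer bytes, if only a key is known
    rsa_exponent: Optional[bytes] = None


def _b64(el) -> bytes:
    return base64.b64decode("".join(el.text.split()))


def _key_matches(keyinfo, p: PresenterKey) -> bool:
    """True if any key named in this ds:KeyInfo equals the presenter's key."""
    if p.cert_der is not None:
        if any(_b64(c) == p.cert_der
               for c in keyinfo.findall("ds:X509Data/ds:X509Certificate", NS)):
            return True
    if p.rsa_modulus is not None and p.rsa_exponent is not None:
        for rsa in keyinfo.findall("ds:KeyValue/ds:RSAKeyValue", NS):
            mod, exp = rsa.find("ds:Modulus", NS), rsa.find("ds:Exponent", NS)
            # strip sign-padding zeros so differently encoded integers compare equal
            if (mod is not None and exp is not None
                    and _b64(mod).lstrip(b"\0") == p.rsa_modulus.lstrip(b"\0")
                    and _b64(exp).lstrip(b"\0") == p.rsa_exponent.lstrip(b"\0")):
                return True
    return False


def confirm_holder_of_key(assertion_xml: str, presenter: PresenterKey, now: datetime,
                          recipient: Optional[str] = None) -> Tuple[bool, str]:
    """Accept only if a holder-of-key confirmation names the presenter's key."""
    root = ET.fromstring(assertion_xml)
    reasons = []
    for conf in root.findall("saml:Subject/saml:SubjectConfirmation", NS):
        method = conf.get("Method")
        if method != HOK:                      # bearer etc. prove nothing about a key
            reasons.append(f"{method} is not holder-of-key")
            continue
        scd = conf.find("saml:SubjectConfirmationData", NS)
        keyinfos = [] if scd is None else scd.findall("ds:KeyInfo", NS)
        if not keyinfos:
            reasons.append("holder-of-key confirmation carries no ds:KeyInfo")
            continue
        expiry = scd.get("NotOnOrAfter")       # bounds how long a delegate may act
        if expiry and now >= datetime.fromisoformat(expiry.replace("Z", "+00:00")):
            reasons.append("confirmation window has expired")
            continue
        if recipient and scd.get("Recipient") not in (None, recipient):
            reasons.append("Recipient does not name this relying party")
            continue
        if any(_key_matches(ki, presenter) for ki in keyinfos):
            return True, "presenter key matches the holder-of-key confirmation"
        reasons.append("presenter key matches none of the confirming keys")
    return False, "; ".join(reasons) or "no SubjectConfirmation present"


# --- constructed sample data: not real certificates or a real issuer's assertion ---
SERVER_CERT_DER = b"constructed bytes standing in for a server's TLS client certificate"
OTHER_CERT_DER = b"constructed bytes standing in for an unrelated certificate"
NOW = datetime(2008, 1, 9, 1, 0, tzinfo=timezone.utc)
LATER = datetime(2008, 1, 9, 3, 0, tzinfo=timezone.utc)   # after NotOnOrAfter below
RP = "https://rp.example.org/sp"


def sample_assertion(method: str) -> str:
    """The delegation case: the subject is a user, the confirming key is a server's."""
    keyinfo = ""
    if method == HOK:
        keyinfo = ("<ds:KeyInfo><ds:X509Data><ds:X509Certificate>%s</ds:X509Certificate>"
                   "</ds:X509Data></ds:KeyInfo>" % base64.b64encode(SERVER_CERT_DER).decode())
    return f"""<saml:Assertion xmlns:saml="{NS['saml']}" xmlns:ds="{NS['ds']}" Version="2.0"
    ID="_constructed" IssueInstant="2008-01-09T00:00:00Z">
  <saml:Issuer>https://idp.example.edu/idp</saml:Issuer>
  <saml:Subject>
    <saml:NameID>jdoe@example.edu</saml:NameID>
    <saml:SubjectConfirmation Method="{method}">
      <saml:SubjectConfirmationData NotOnOrAfter="2008-01-09T02:00:00Z"
          Recipient="{RP}">{keyinfo}</saml:SubjectConfirmationData>
    </saml:SubjectConfirmation>
  </saml:Subject>
</saml:Assertion>"""
```

Run `confirm_holder_of_key(sample_assertion(HOK), PresenterKey(cert_der=SERVER_CERT_DER), NOW, RP)` to see the accept path; swap in `OTHER_CERT_DER`, `sample_assertion(BEARER)` or `LATER` to see each rejection. The sample also shows the delegation use from the reply: the subject is a user, the confirming key belongs to a server, and NotOnOrAfter is what limits how long that server can act as the user.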
