shibboleth-dev - Re: [Shib-Dev] how to deliver personal infocard keyinfo to app?
Subject: Shibboleth Developers
List archive
- From: "Joana M. F. Trindade" <>
- To:
- Subject: Re: [Shib-Dev] how to deliver personal infocard keyinfo to app?
- Date: Sat, 9 Aug 2008 20:54:32 -0300
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:references; b=dYbbXLvPZC6gsYFUMM/Vq7UxykslxpkO2UtErdYlhmrqgs2ovSmi7AlJJdSzpS5K5o iLrdG1ItDkndF1PLeiyDS5DyGZRTBm1Xj3ny72FT9b++JrMavGlBnWVwypoPkze+LcYe mvsdxHOo8itxbdXgqyUw5DjH2sYJqfOPbyqmc=
Hi,
As Tom pointed out, we recently implemented something similar. What we do is
compute the SHA-1 hash of the public key bytes according to RFC5820, and
encode it in Base64. An example is available here (look for KeyInfo in the
SubjectConfirmation element):
https://gsoc2008.ncsa.uiuc.edu/sso-demo/SAMLResponse.xml
As you can see, we populate the KeyInfo with both the certificate and the SHA-1
hash we computed from the cert. This method for computing the SKI from RFC5820
is trivial, and also used by Apache WSS4J and bouncycastle API.
HTH,
Joana
--
Joana M. F. da Trindade
Email:
Personal Homepage: http://joanatrindade.wikidot.com
LinkedIn: http://www.linkedin.com/in/joanatrindade
As Tom pointed out, we recently implemented something similar. What we do is
compute the SHA-1 hash of the public key bytes according to RFC5820, and
encode it in Base64. An example is available here (look for KeyInfo in the
SubjectConfirmation element):
https://gsoc2008.ncsa.uiuc.edu/sso-demo/SAMLResponse.xml
As you can see, we populate the KeyInfo with both the certificate and the SHA-1
hash we computed from the cert. This method for computing the SKI from RFC5820
is trivial, and also used by Apache WSS4J and bouncycastle API.
HTH,
Joana
--
Joana M. F. da Trindade
Email:
Personal Homepage: http://joanatrindade.wikidot.com
LinkedIn: http://www.linkedin.com/in/joanatrindade
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, (continued)
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Peter Williams, 08/09/2008
- Re: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Tom Scavo, 08/09/2008
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Peter Williams, 08/09/2008
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Scott Cantor, 08/09/2008
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Jim Fox, 08/10/2008
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Scott Cantor, 08/10/2008
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Jim Fox, 08/11/2008
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Scott Cantor, 08/11/2008
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Jim Fox, 08/11/2008
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Scott Cantor, 08/11/2008
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Peter Williams, 08/09/2008
- Message not available
- Re: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Joana M. F. Trindade, 08/09/2008
Archive powered by MHonArc 2.6.16.