Skip to Content.
Sympa Menu

shibboleth-dev - Re: [Shib-Dev] [IdPv3] Security Config and Options

Subject: Shibboleth Developers

List archive

Re: [Shib-Dev] [IdPv3] Security Config and Options


Chronological Thread 
  • From: Chad La Joie <>
  • To:
  • Subject: Re: [Shib-Dev] [IdPv3] Security Config and Options
  • Date: Fri, 06 Aug 2010 08:28:33 -0400
  • Organization: Itumi, LLC

No, not globally valid, it would be used just as it is today. So you would associate with some particular configuration aspect (e.g. the signing credential of the IdP, the validation information of a metadata signatures for a particular provider).

On 8/6/10 8:25 AM, Lukas Haemmerle wrote:
- Allow PKIX/credential data to be loaded from multiple sources.
Currently you can load all of the data from a URL or the filesystem.
This change would allow you to CRLs, certs, and private key from
different sources individually (e.g. CRLs from URLs and cert/key from
the filesystem).

Just for clarification: Would this PKIX/credential then be valid/used
globally within the IdP or would it be possible to attach e.g. certain
CRLs to a specific MetadataProvider only?



--
Chad La Joie
http://itumi.biz
trusted identities, delivered



Archive powered by MHonArc 2.6.16.

Top of Page