help signing metadata
Cantor, Scott
cantor.2 at osu.edu
Tue Oct 25 19:15:40 BST 2011
On 10/25/11 2:04 PM, "Jonathan Bricker" <jbricker at exacttarget.com> wrote:
>I'm just trying to solve a problem my bosses have given me which is more
>of a PKI problem.
SAML is not PKI.
> They care more about certs so I must care about certs. My question was
>just to give me a direction to look. I now have a much better
>understanding of what I can and can't do with the SP.
>
>Is there a decent doc for making plugins for the SP?
No. Not enough demand to make it worth the project's time and money.
But I can't think of any way to do this with a plugin at all, frankly. You
can't do something at metadata load time that forces it to require
something at runtime. They just don't match up.
If you want to use PKIX, then you need to just do that. There isn't much
documentation on that, but what exists is mostly at
https://wiki.shibboleth.net/confluence/display/SHIB2/PKIXTrustEngine
-- Scott
More information about the users
mailing list