Transport confidentiality required, but not available
Tom Scavo
trscavo at gmail.com
Fri Sep 2 13:11:21 BST 2011
On Thu, Sep 1, 2011 at 4:28 AM, Rod Widdowson <rdw at steadingsoftware.com> wrote:
>
> You therefore need to fix your metadata, fix the IdP or as a final mechanism teach the SP that security doesn't matter.
Adding to Rod's suggestions, you should step back and ask if you
really want to do attribute query in the first place. It's more
typical to push encrypted attributes through the browser in SAML2
flows. That is certainly the path of least resistance, and unless you
have good reason to want to do attribute query, you should just avoid
it altogether.
Tom
More information about the users
mailing list