TestShib.org signature algorithm changed?

Adam Conley aconley at ratex.com
Wed Apr 2 13:27:43 EDT 2014


Up until a few days ago (maybe a week or 2), the TestShib.org IdP was signing assertions with SHA1.  That seems to have changed, as the signature is now using SHA256:

<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">

The current SP implementation I am using (OpenAM .Net Fedlet) doesn't currently support SHA256.  Was the switch to SHA256 intentional, or is there any chance it will switch back to SHA1 to support older implementations, like ours?

Thanks for any info you can provide!


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140402/5f0bcaa6/attachment-0001.html 

More information about the users mailing list