OpenSSL heartbleed bug / Shibboleth implications

Ian Young ian at
Tue Apr 8 05:21:38 EDT 2014

On 8 Apr 2014, at 10:06, Peter Schober <peter.schober at> wrote:

> Does that really affect the SP's private key? I would have expected
> the priveledge seperation via shibd to prevent such problems?

shibd needs to know the SP's private key because it uses it as a credential for the mutual authentication performed on back-channel operations. I think we're speculating that the back-channel use of OpenSSL by shibd may allow that key to be exposed to a hostile IdP. As Scott points out, though, because SPs in general only perform back-channel operations to locations found in metadata, it isn't quite trivial to exploit this.

> And if anyone still needs reasons not to re-use TLS/SSL keys for SAML
> usage, it seems here's +1.

Absolutely. The business about the back channel becomes irrelevant if anyone can pick the same key out of an anonymous front channel GET.

For the IdP, though, it's hard to avoid if you support any SOAP endpoints at all.

	-- Ian

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5943 bytes
Desc: not available
Url : 

More information about the users mailing list