Getting a grasp on Heartbleed and IDPs

Liam Hoekenga liamr at
Tue Apr 15 11:01:25 EDT 2014

On Fri, Apr 11, 2014 at 10:43 AM, Cantor, Scott <cantor.2 at> wrote:

> >B) the certificate/keypair use on port 4443 of the idp for back channel
> >interaction
> B normally runs on 8443, but certainly isn't limited to that. You have to
> apply generalities to your own deployment.
> B is the authentication credential for transport authentication of SOAP.

Would it be reasonable to consider using the front channel / browser facing
cert to secure the backchannel?
What would be the downside?  (The calling SP would have to have the CA cert
that was being used, right?)

-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list