Holder of Key and Sender Vouches subject confirmation
Cantor, Scott
cantor.2 at osu.edu
Thu Mar 27 11:53:35 EDT 2014
On 3/27/14, 11:49 AM, "Peter Schober" <peter.schober at univie.ac.at> wrote:
>* Cantor, Scott <cantor.2 at osu.edu> [2014-03-27 16:28]:
>> No, that's the required method for SSO. The IdP doesn't support adding
>> additional confirmations except in the specific case of the delegation
>> extension.
>
>Maybe the (broken) link to GridShib should be removed then, which claims
>to "[enable] the IdP to issue Holder-of-Key SAML assertions":
>https://wiki.shibboleth.net/confluence/display/SHIB2/Contributions
Well, I meant "things in the box or that we did as extensions", certainly
somebody else's extension could be supporting this. I don't have any idea,
but Tom was involved with GridShib, so I'm sure he can say if it's
strictly true or not.
But saying "it's only doing bearer" strongly suggests the OP doesn't
understand why it's only doing that, and why it would be very incorrect to
change it to something else.
-- Scott
More information about the users
mailing list