signed responses from an IdP
Brewer, Edward L
lee.brewer at Vanderbilt.Edu
Mon Aug 17 16:06:29 EDT 2015
Signing the response is current best practice anyway, but I can't tell you the settings on the Ping side. The main reason to require a signed response is preventing attacks against XML Encryption, but I'm sure that isn't why they're requiring it.
-- Scott
>From the Ping Getting Started Version 7.2 Manual
" Note: SAML specifications require that POST responses be
digitally signed."
Lee Brewer
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list