signed responses from an IdP
Mark K. Miller
max at psu.edu
Mon Aug 17 16:15:35 EDT 2015
On Mon, 17 Aug 2015, Brewer, Edward L wrote:
> From the Ping Getting Started Version 7.2 Manual
>
> " Note: SAML specifications require that POST responses be digitally
> signed."
Interesting! The Ping Identity v6.x SP didn't require this. Has the SAML
spec changed between Ping v6.x and v7.2? Or, is it just that the parts of
the SAML spec Ping implements has changed?
And, does anyone know from the actual spec if this is phrased as "require
that POST responses be digitally signed." Or, is it possibly phrase as,
"require that POST responses be able to be digitally signed." Obviously,
the first phrasing doesn't allow for disabling signing, but the second
phrasing does.
> Lee Brewer
Thanks,
Max
More information about the users
mailing list