updating SP's signing cert in metadata
Cantor, Scott
cantor.2 at osu.edu
Fri Oct 13 11:39:47 EDT 2017
On 10/13/17, 11:26 AM, "users on behalf of John Dennis" <users-bounces at shibboleth.net on behalf of jdennis at redhat.com> wrote:
> That's not my understanding. Keys used in metadata are independent of the transport layer.
That's incorrect. "signing" in metadata just means "authentication" and applies to TLS or signing.
Nevertheless, vendors by and large don't use artifacts so you really don't need to worry about it much, and if you don't even support a back channel then you definitely don't have to worry about it.
-- Scott
More information about the users
mailing list