SP V3 client side session questions
tom at joinroot.com
Wed Feb 21 12:48:42 EST 2018
> The ability to invalidate everything and everybody at once isn't actually
disappearing because restarting the in-memory caches and just replacing the
active key(s) will render any blobs in the wild unusable.
Cool. If that's the case then I still have the emergency button I need
going forward. I appreciate all the help, thanks!
--Tom Noonan II
On Wed, Feb 21, 2018 at 12:27 PM, Cantor, Scott <cantor.2 at osu.edu> wrote:
> If you have development questions, please move that to the dev list or
> just add comments to the JIRA issue.
> The mechanism is based on a shared AES key and AES-GCM encrypted data with
> a rolling key, same as the IdP uses. The ability to invalidate everything
> and everybody at once isn't actually disappearing because restarting the
> in-memory caches and just replacing the active key(s) will render any blobs
> in the wild unusable.
> -- Scott
> For Consortium Member technical support, see https://wiki.shibboleth.net/
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users