IdP - EntityAttributes - Predicate - Regex filter for federation SPs

Cantor, Scott cantor.2 at
Tue Jul 17 09:55:28 EDT 2018

On 7/17/18, 9:51 AM, "users on behalf of Tom Scavo" <users-bounces at on behalf of trscavo at> wrote:

> This is off-topic with respect to Martin's issue, but what if a tag
> disabled encryption or downgraded assertion signing to SHA-1? As you
> know, there actually ARE entity attributes to control such things. [1]

Which is why I said "it depends what the tag is being used for". It doesn't change the essential point which is that if you know and trust the metadata sources you use and their handling of entity attributes, then you know what you have to do (or not do).

-- Scott

More information about the users mailing list