CentOS/RHEL packages for - Shibboleth Service Provider Security Advisory [27 February 2018]
Peter Schober
peter.schober at univie.ac.at
Thu Mar 8 12:34:26 EST 2018
* Sam Jacob <skjacob at gmail.com> [2018-03-08 18:16]:
> from Scott's post:
> "I investigated, discreetly, a number of SPs that my university has
> campus-wide integrations with and that did not support XML Encryption "
>
> How do you determine an SP that doesn't support XML Encryption?
Things to look for:
An SP with no key in metadatam or with a key that has use="signing".
A RelyingParty exception for SAML2.SSO with p:encryptAssertions="false".
A property setting idp.encryption.optional to true (idp.properties or elsewhere).
-peter
More information about the users
mailing list