CentOS/RHEL packages for - Shibboleth Service Provider Security Advisory [27 February 2018]

Sam Jacob skjacob at gmail.com
Mon Mar 12 18:09:41 EDT 2018

appreciate all the answers to my questions.

On Thu, Mar 8, 2018 at 1:44 PM, Cantor, Scott <cantor.2 at osu.edu> wrote:

> > Actually it's worse than that. An SP that supports XML encryption but
> does not
> > support the seamless rollover of encryption keys is potentially worse
> than an
> > SP that does not support encryption at all.
> I would have agreed prior to this last month, but at this point, you turn
> it on and you deal with the breakage when it happens. Broken's better than
> insecure.
> In any case, the question is not really "do they support?" but "is it
> being used?" and that's what Mike/et al were answering.
> -- Scott
> --
> For Consortium Member technical support, see https://wiki.shibboleth.net/
> confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net

Sam Jacob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180312/56adb3a9/attachment.html>

More information about the users mailing list