CentOS/RHEL packages for - Shibboleth Service Provider Security Advisory [27 February 2018]
Sam Jacob
skjacob at gmail.com
Mon Mar 12 18:09:41 EDT 2018
appreciate all the answers to my questions.
On Thu, Mar 8, 2018 at 1:44 PM, Cantor, Scott <cantor.2 at osu.edu> wrote:
> > Actually it's worse than that. An SP that supports XML encryption but
> does not
> > support the seamless rollover of encryption keys is potentially worse
> than an
> > SP that does not support encryption at all.
>
> I would have agreed prior to this last month, but at this point, you turn
> it on and you deal with the breakage when it happens. Broken's better than
> insecure.
>
> In any case, the question is not really "do they support?" but "is it
> being used?" and that's what Mike/et al were answering.
>
> -- Scott
>
> --
> For Consortium Member technical support, see https://wiki.shibboleth.net/
> confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
--
Sam Jacob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180312/56adb3a9/attachment.html>
More information about the users
mailing list