Trouble with signature filter skipping
cantor.2 at osu.edu
Mon Sep 17 09:00:12 EDT 2018
On 9/17/18, 3:59 AM, "users on behalf of Guillaume Rousse" <users-bounces at shibboleth.net on behalf of guillaume.rousse at renater.fr> wrote:
> Loading metadata in application-specific context just makes the issue
> worse, because of potential duplication, but is not the root cause. Even
> loading this 23Mb metadata file in global context requires a systematic
> 120s delay at each startup. Hence the interest of caching.
It does not take that long to start up on most systems when signatures are bypassed for the backup file. On a slow system it might. Either way, it's fixed startup time and restarts are not common.
> No, I'm just suggesting allowing usage of standard transport layer
> security model, by honouring server certificate instead of silently
> ignoring it. Either in addition to signature checking, or as replacement.
Whatever key secures the metadata is the basis of the SAML trust model and is in control of revocation, the same way a CA is in a traditional PKIX environment.
If you want to go messing around with the trust model, have at it, the TransportOption hook lets you do anything you want. It's your system, assuming the data you're protecting is your own.