Support for X509SubjectName Name ID
Cantor, Scott
cantor.2 at osu.edu
Tue May 19 17:01:39 UTC 2020
On 5/19/20, 12:47 PM, "users on behalf of Ullfig, Roberto Alfredo" <users-bounces at shibboleth.net on behalf of rullfig at uic.edu> wrote:
> Is the recent issue in the news regarding Zoom this exact problem? They aren't checking the signature of the SAML
> responses/assertions? They use SAML apparently and it seems that not checking the signature would lead to the exact
> problem I read about.
I'm not aware of them having that bug, but I doubt I've tested it, I set it up awhile ago.
While I can test it, to be blunt my organization has made it pretty clear that we have no internal legal consensus that it's acceptable for me to share that sort of information. So there wouldn't be much I could do but report it internally.
-- Scott
More information about the users
mailing list