Verification of signed AuthnRequests
peter.schober at univie.ac.at
Mon Nov 22 12:20:05 UTC 2021
* Max Spicer via users <users at shibboleth.net> [2021-11-22 12:05]:
> We have an SP that is sending us signed AuthnRequests. We see occasional
> signature verification issues for this SP
Seem those are when the same data is being used that you're looking
at: a mismatch, hence the failed verification.
Which seems to imply that for the successing requests there must be
something else at play: Other metadata you have on record? Or the SP
behaving inconsistently (e.g. the service consisting of several nodes
in a cluster with not all cluster members being configured identically
wrt key usage)?
More information about the users