On 11/11/2013 06:35 PM, David Chadwick wrote:
> I don't understand what your trust model is, if you don't have a PKI or
> a trust router, then how can an RP trust any SAML metadata that it has
> obtained from anywhere? It has to get this from a trustworthy source.
> I thought that the trustrouter (admin) was this TTP. If not, then who
> is? The federation authority was to my mind the trust router
> administrator, and was responsible for mapping the IDP name to realm
> name.

Typically trust in SAML metadata is done using signatures or some other form of authentication of the metadata.
