Hello all, I know that maybe this is not an iCard normal scenario, since RP should not know anything about who made the token but... there is any way that could allow RP to know that a token comes from a trusted IdP? I guess that it should exist any way to do it because depending of the procedence the token may be more or less trustable...
I don't think that this has something to do with appliesTo, since that parameter will send IdP certificate through the net and this would trash almost all anonymity between RP and IdP. I would like a method to know that the token is reliable and not to know directly who issued it. Thanks for any help you can give me :) Regards, --- David Campos Safelayer Secure Communications DMAG UPC Researcher
_______________________________________________ higgins-dev mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/higgins-dev
