Hi Sergey, hi Colm,
On 27.11.2013 11:31, Sergey Beryozkin wrote:
> I can see that it is a bearer assertion, which is where KeyInfo is
> optional, right?
That's not what I understand when reading the SAML2 Specification:
http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
Page 70, Section 5.4.5 KeyInfo
"XML Signature defines usage of the <ds:KeyInfo> element. SAML does not
require the use of <ds:KeyInfo>, nor does it impose any restrictions on
its use. Therefore, <ds:KeyInfo> MAY be absent."
So IMHO the KeyInfo is completely optional.
Regards,
Christian
--
Christian Metzler * Software Developer * ABAS Software AG
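Since the specification text quoted in the message above lets <ds:KeyInfo> be absent, a consumer of signed assertions needs a verification key that does not depend on it. The following is an added example, not code from this thread or from any project discussed in it: it only selects the certificate (the signature check itself is out of scope), and the issuer name, certificate strings and function names are constructed placeholders.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed values: placeholder issuer and certificate, configured out of band.
ISSUER = "https://idp.example.test"
TRUSTED = {ISSUER: "PLACEHOLDER-IDP-CERT-BASE64"}

def key_info_with(cert_b64):
    """Constructed <ds:KeyInfo> carrying one X509Certificate value."""
    return ("<ds:KeyInfo><ds:X509Data><ds:X509Certificate>%s"
            "</ds:X509Certificate></ds:X509Data></ds:KeyInfo>") % cert_b64

def sample_assertion(key_info=""):
    """Constructed assertion; by default its signature has no <ds:KeyInfo>."""
    return (
        '<saml:Assertion xmlns:saml="%s" xmlns:ds="%s" ID="_a1" Version="2.0">'
        "<saml:Issuer>%s</saml:Issuer>"
        "<ds:Signature><ds:SignedInfo/><ds:SignatureValue>AAAA</ds:SignatureValue>"
        "%s</ds:Signature></saml:Assertion>"
    ) % (NS["saml"], NS["ds"], ISSUER, key_info)

def resolve_verification_cert(assertion_xml, trusted):
    """Return the certificate to verify with, chosen from local trust config.

    trusted maps Issuer -> base64 certificate. An embedded certificate is
    never used as the trust anchor; it may only confirm the configured one.
    """
    # Untrusted XML in production should go through a hardened parser.
    root = ET.fromstring(assertion_xml)
    issuer = (root.findtext("saml:Issuer", default="", namespaces=NS)).strip()
    sig = root.find("ds:Signature", NS)
    if sig is None:
        raise ValueError("assertion is not signed")
    pinned = trusted.get(issuer)
    if pinned is None:
        raise ValueError("no trusted certificate configured for issuer")
    embedded = sig.findtext("ds:KeyInfo/ds:X509Data/ds:X509Certificate",
                            namespaces=NS)
    if embedded is None:
        return pinned  # KeyInfo absent: fall back to configuration
    # KeyInfo present: compare ignoring base64 line wrapping.
    if "".join(embedded.split()) != "".join(pinned.split()):
        raise ValueError("embedded certificate does not match configured one")
    return pinned
```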