You can encrypt the Name ID in an assertion or the assertion itself. Encryption adds another level of protection when transmitting the assertion.
When you configure encryption, specify the partner certificate, which is included in the assertion. When the assertion arrives at the Service Provider, the Service Provider decrypts the encrypted data using the associated private key.
Note: If you enable encryption, the first federation call can increase Policy Server memory usage, because the Policy Server loads the encryption libraries and allocates additional memory at that point.
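To confirm which of the two options is actually in effect on the wire, the following added example (not CA code) inspects a SAML 2.0 response and reports whether the whole assertion or only the Name ID is encrypted. It assumes the standard SAML 2.0 and XML Encryption element names; the function names and sample messages are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Standard SAML 2.0 and XML Encryption namespaces.
NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "xenc": "http://www.w3.org/2001/04/xmlenc#"}
AES256_CBC = NS["xenc"] + "aes256-cbc"

def _algorithm(wrapper):
    """Return the content-encryption algorithm URI under an Encrypted* element."""
    method = wrapper.find("xenc:EncryptedData/xenc:EncryptionMethod", NS)
    return method.get("Algorithm") if method is not None else None

def audit_response(xml_text):
    """Return one finding per assertion: what is encrypted and with which algorithm."""
    # Samples here are constructed; use a hardened parser (e.g. defusedxml) for untrusted XML.
    root = ET.fromstring(xml_text)
    findings = []
    for enc in root.findall("saml:EncryptedAssertion", NS):
        # Whole assertion encrypted: the Name ID is not visible at all.
        findings.append({"assertion": "encrypted", "name_id": "hidden",
                         "algorithm": _algorithm(enc)})
    for assertion in root.findall("saml:Assertion", NS):
        enc_id = assertion.find("saml:Subject/saml:EncryptedID", NS)
        plain_id = assertion.find("saml:Subject/saml:NameID", NS)
        if enc_id is not None:
            state, alg = "encrypted", _algorithm(enc_id)
        elif plain_id is not None:
            state, alg = "plaintext", None
        else:
            state, alg = "absent", None
        findings.append({"assertion": "plaintext", "name_id": state, "algorithm": alg})
    return findings

# Constructed sample messages (placeholder ciphertext, no signatures, no real identities).
_HDR = "<samlp:Response " + " ".join(f'xmlns:{p}="{u}"' for p, u in NS.items()) + ">"
_ENC = (f'<xenc:EncryptedData><xenc:EncryptionMethod Algorithm="{AES256_CBC}"/>'
        '<xenc:CipherData><xenc:CipherValue>Q09OU1RSVUNURUQ=</xenc:CipherValue>'
        '</xenc:CipherData></xenc:EncryptedData>')
SAMPLE_PLAIN = (_HDR + '<saml:Assertion><saml:Subject><saml:NameID>user@example.com'
                '</saml:NameID></saml:Subject></saml:Assertion></samlp:Response>')
SAMPLE_ENC_ID = (_HDR + '<saml:Assertion><saml:Subject><saml:EncryptedID>' + _ENC +
                 '</saml:EncryptedID></saml:Subject></saml:Assertion></samlp:Response>')
SAMPLE_ENC_ASSERTION = (_HDR + '<saml:EncryptedAssertion>' + _ENC +
                        '</saml:EncryptedAssertion></samlp:Response>')

if __name__ == "__main__":
    for name in ("SAMPLE_PLAIN", "SAMPLE_ENC_ID", "SAMPLE_ENC_ASSERTION"):
        print(name, audit_response(globals()[name]))
```

A finding of `name_id: plaintext` on a partnership configured for encryption indicates the setting did not take effect for that response.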
Copyright © 2011 CA. All rights reserved.