Encryption and Decryption Operations

For SAML 2.0, you can configure CA SiteMinder® Federation Standalone to encrypt an entire assertion, the NameID, or other attributes. If you enable encryption, the asserting party encrypts the data with the public key in the certificate that the relying party supplies. The relying party sends this certificate to the asserting party in an out-of-band exchange before any transaction takes place. To decrypt the data, the relying party uses the private key of its private key/certificate pair.

Note: SAML 1.1 and WS-Federation do not support encryption of assertion data.
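The following Python check is an added example, not CA code or part of the original documentation. It reports which of the three encryptable parts named above (the assertion, the NameID, and attributes) actually arrive encrypted in a SAML 2.0 response. The element names come from the SAML 2.0 schema; the function names, the policy set, and the sample response are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
XENC = "http://www.w3.org/2001/04/xmlenc#"
# Encrypted wrapper element -> the plaintext element it replaces (SAML 2.0 schema).
PAIRS = {"EncryptedAssertion": "Assertion", "EncryptedID": "NameID",
         "EncryptedAttribute": "Attribute"}

def encryption_report(response_xml):
    """Count which parts of a SAML 2.0 response are encrypted and which are in the clear."""
    # ElementTree is enough for this constructed sample; use a hardened parser for untrusted XML.
    root = ET.fromstring(response_xml)
    report = {}
    for enc, plain in PAIRS.items():
        wrappers = list(root.iter(f"{{{SAML}}}{enc}"))
        # A wrapper with no xenc:EncryptedData child is malformed, so count it separately.
        ok = [w for w in wrappers if w.find(f"{{{XENC}}}EncryptedData") is not None]
        report[plain] = {"encrypted": len(ok), "malformed": len(wrappers) - len(ok),
                         "plaintext": len(list(root.iter(f"{{{SAML}}}{plain}")))}
    return report

def policy_violations(report, must_encrypt):
    """Return the element types that policy requires encrypted but that are exposed."""
    return sorted(p for p in must_encrypt
                  if report[p]["plaintext"] or report[p]["malformed"])

# Constructed placeholder ciphertext (not real encrypted data).
ENC = (f'<xenc:EncryptedData xmlns:xenc="{XENC}"><xenc:CipherData>'
       '<xenc:CipherValue>Q09OU1RSVUNURUQ=</xenc:CipherValue>'
       '</xenc:CipherData></xenc:EncryptedData>')

# Constructed sample response: NameID encrypted, one attribute encrypted, one in the clear.
SAMPLE = f"""<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                xmlns:saml="{SAML}">
  <saml:Assertion>
    <saml:Subject><saml:EncryptedID>{ENC}</saml:EncryptedID></saml:Subject>
    <saml:AttributeStatement>
      <saml:Attribute Name="department">
        <saml:AttributeValue>finance</saml:AttributeValue>
      </saml:Attribute>
      <saml:EncryptedAttribute>{ENC}</saml:EncryptedAttribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""

if __name__ == "__main__":
    rep = encryption_report(SAMPLE)
    print(rep)
    print(policy_violations(rep, {"NameID", "Attribute"}))
```

The check only sees what is outside the encrypted wrappers; anything inside an `EncryptedData` element stays opaque until the relying party decrypts it with its private key.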