Previous Topic: Certificates for SSL ConnectionsNext Topic: Certificates To Secure the Artifact Back Channel

Federation Security Services GuideSigning and Encrypting Messages to Secure Federated TransactionsCertificate and Private Key Usage for FederationClient Certificate Authentication Across the Back Channel

Client Certificate Authentication Across the Back Channel

For artifact single sign-on, assertions are sent across a back channel. One way to secure the back channel is to require that the relying party provide a client certificate as its credential. This credential lets the replying party gain access to the Artifact Resolution Service at the asserting party.