Date: Thu, 28 Mar 2024 11:07:20 +0000 (UTC) Message-ID: <606617086.6177.1711624040121@ip-10-10-7-29.ec2.internal> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_6176_1839214228.1711624040115" ------=_Part_6176_1839214228.1711624040115 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
Deployers MUST encrypt assertions and MUST use AES GCM as the en= cryption algorithm.
SPs MAY use a single RSA key for both decryption and signing in the even= t that they have a signing key.
Deployers of IdPs MUST use separate encryption and signing keys (if we e= nd up requiring IdPs to decrypt, otherwise moot).