...
Since the use
XML attribute is missing on a type 3 key descriptor, such a key may be used for all of the above, that is, for signing, TLS, and encryption.
Tip | ||
---|---|---|
| ||
Any |
...
. |
Keys in IdP Metadata
In the InCommon Federation, IdP metadata typically contains two role descriptors: an <md:IDPSSODescriptor>
element and an <md:AttributeAuthorityDescriptor>
element. Normally, each role descriptor contains a single type 1 key descriptor (with use="signing"
XML attribute). Although not required, the two key descriptors almost always contain the very same key.
...