[OpenID] OpenID Information Card - OpenIDToken encryption
Prabath Siriwardena
siriwardena.prabath at gmail.com
Fri Feb 22 05:55:20 UTC 2008
Hi Johnny;
In the case of Information cards with SAML token type, we encrypt the
SAML assertions, so - at the RP end it will receive an encrypted
"xmlToken".
But, I've being testing with an OpenID Information card, downloaded
from https://openidcards.sxip.com/TokenService/ - and it seems this
has not encrypted the 'xmlToken' - that is I received the 'xmlToken'
in clear text.
Can you please explain a bit on this.. or is this just for the testing purpose?
Thanks & regards.
- Prabath
More information about the general
mailing list