Bugzilla – Bug 6506
SAML Holder-of-Key Assertion Request
Last modified: 2008-12-13 10:32:40
You need to
before you can comment on or make changes to this bug.
According to the SAML Holder-of-Key Assertion Request Profile, the SAML
requester is the subject, that is, the subject self-issues a SAML request. The
subject presents this request and an X.509 certificate to a SAML identity
provider. The subject proves possession of the private key corresponding to the
public key of the presented certificate and authenticates to the identity
provider by unspecified means.
The identity provider consumes the request and issues a response. The identity
provider binds data from the X.509 certificate to one or more assertions in the
response. The requester validates and consumes the response and outputs the
The SAML Holder-of-Key Assertion Request Profile depends on the SAML
Holder-of-Key Assertion Profile:
Also, the SAML Holder-of-Key Assertion Request Profile is related to the SAML
Holder-of-Key Web Browser SSO Profile:
An initial implementation of the latter was contributed by Joana M. F. Trindade
through the Google Summer of Code (2008) program. This implementation is the
first phase of an implementation plan whose goal is to convert a campus
credential (usually a username/password) into a SAML credential.
The SAML V2.0 Holder-of-Key Assertion Request Profiles have been submitted to