File(s): conf/relying-party.xml
Format: Native Spring / Deprecated Custom Schema
Legacy V2 File(s): conf/relying-party.xml
| Table of Contents | ||
|---|---|---|
|
...
The default values of signRequests and signResponses for this profile are an extended form of the behavior that was referred to in V2 as "conditional". It make a channel dependent choice. Specifically it signs on the front-channel, and on the back-channel only if TLS isn't used (very unusual) or if the receiving port is 443. It assumes that traffic over 443 will be relying on message-based security measures (but see below), whereas traffic to an alternative TLS port like 8443 will be relying on mutual authentication and thus provide a secure channel.
...