Why is it important to sign SAML Assertions? Why is it not important to sign OAuth Access Tokens?
What will be an ideal response?
SAML Assertions contain information about a user or system, with an access control decision being made based on that information. A modified SAML Assertion can therefore result in a change in access; requiring a valid signature mitigates this possibility. OAuth Access Tokens are essentially keys that need to be protected from
disclosure. Modifying OAuth Access Tokens accomplishes nothing, so signatures are unnecessary.
You might also like to view...
What are the responsibilities of a data custodian?
What will be an ideal response?
When the keyword void is used in the Main() method header, it indicates that the Main() method is empty.
Answer the following statement true (T) or false (F)
Most of today's processors are housed in a ____ chip package.
A. DIMM B. DIP C. PGA D. PDA
Which option below is the default teaming mode within Windows Server 2016?
A. Switch Independent B. Hyper-V Port C. Static D. LACP