Token Signing Cert validation question RRS feed

  • Question

  • For the passive scenario where a federated user posts a SAML token to our relying party over HTTP, does WIF check for signing certificate revocation?  If so, where does this happen (SecurityTokenHandler, IssuerNameRegistry).  Just want to make sure signing certs get checked for revocation.

    Thursday, January 24, 2013 11:09 PM