...
For further discussion:
- The benefits of federated login at the SP (no shared secrets)
- The security and convenience of multilateral federation
- The agility of a metadata-based trust model
- The importance of secure, automated metadata refresh
- The advantages and disadvantages of deploying a web server (e.g., Apache) in front of the IdP
- Is there value in defining separate keys for back-channel TLS?
...