Question on an IdP and SP Metadata

In an IdP or SP Metadata, we can find a KeyDescriptor attribute, containing an X509Certificate.

Sometimes, there is a tag use="signing" / "encryption" / "decryption" / ...
Sometimes there is nothing, only the certificate.

I would like to know what the purpose of a certificate without any "use" is. Is it only for establishing the trust between two federated servers? For example, I received an IdP Metadata from an admin, and there is only one certificate without any "use" tag. There is nothing about "signing", "encryption", etc. What does it mean?

Also, I would like to know the exact meaning of the tags signing, encryption, etc.
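As an added example (not part of the original post), the sketch below lists every KeyDescriptor in a metadata document together with the uses it is valid for. It follows the SAML 2.0 metadata schema, where `use` is optional, its only defined values are `signing` and `encryption`, and a KeyDescriptor without `use` applies to both. The metadata, the entityID and the placeholder certificate bodies are constructed, and `key_descriptors` is a hypothetical helper name; the SHA-256 value is there so each certificate can be compared with a fingerprint obtained from the other party out of band.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: the entityID is made up and the certificate bodies are
# placeholder base64 strings, not real X.509 certificates.
SAMPLE_METADATA = """\
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.org/idp">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor>
      <ds:KeyInfo><ds:X509Data><ds:X509Certificate>
        UExBQ0VIT0xERVItQ0VSVC1B
      </ds:X509Certificate></ds:X509Data></ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo><ds:X509Data><ds:X509Certificate>
        UExBQ0VIT0xERVItQ0VSVC1C
      </ds:X509Certificate></ds:X509Data></ds:KeyInfo>
    </md:KeyDescriptor>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def key_descriptors(metadata_xml):
    """List each certificate with its role, declared use and effective uses."""
    found = []
    for role in ET.fromstring(metadata_xml).iter():
        for kd in role.findall("md:KeyDescriptor", NS):
            declared = kd.get("use")
            if declared is None:          # attribute omitted: key serves both purposes
                effective = ("signing", "encryption")
            elif declared in ("signing", "encryption"):
                effective = (declared,)
            else:                         # value the schema does not define
                effective = ()
            for cert in kd.findall(".//ds:X509Certificate", NS):
                der = base64.b64decode("".join((cert.text or "").split()))
                found.append({"role": role.tag.split("}")[-1], "declared_use": declared,
                              "effective_uses": effective,
                              "sha256": hashlib.sha256(der).hexdigest()})
    return found


if __name__ == "__main__":
    print(*key_descriptors(SAMPLE_METADATA), sep="\n")
```

The standard-library parser is used here on a constructed string; for metadata fetched from an untrusted location, a hardened XML parser and verification of the metadata signature come first.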