The Shibboleth 1.x software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only.

Skip to end of metadata
Go to start of metadata

TrustManagement is a convenient term for how Shibboleth uses cryptography to secure SAML messages and assertions. Trust is an overloaded word, but here we mean simply the binary choice that the software has to make: does this bag of bits get used or thrown out?

In general, SAML itself defines nothing related to TrustManagement. Mechanisms like SSL/TLS and XMLSignature, along with others, are spelled out as viable (and in some cases required) approaches to securing SAML profiles, but there are no guidelines or rules for how to make them usable and expose the configuration of policies and key management to the deployer. (In fact, absolutely nothing in the standards world addresses this. Makes writing this stuff fun.)

TrustManagement is "bootstrapped" in the software using MetaData. That is, MetaData is implicitly trusted once a lookup is successful, and it provides the rules that drive the various TrustEngines provided with the software. There is a distinct API that can supply alternate TrustEngines, and they may choose to implement other mechanisms for obtaining such rules.

  • No labels

1 Comment

  1. Unknown User (

    Even the phrase "trust management" is yet another phrase that's being overloaded. Say it to Google and you'll find lots of interesting work mainly about delegation. I can't recommend anything better. It seems like all that can be done is to add it to this potential Tower of Babel along with all those other words like "trust", 'identity", "federation", etc. 'Tis a shame; I reckon.