Early Preview

This is currently very much a preview. Please feel free to try things out, but don't be upset if anything is not yet working. Feedback is welcome over on our GitHub Discussions page.

enum Duende.IdentityServer.Saml.TrustLevel

Assembly: Duende.IdentityServer

What is the trust level of a piece of data? The levels reflect how trustworthy the data is, based on whether it is signed and how the signature can be validated.

Remarks

This is a flags enum. The HasSignature flag is ORed in when a signature has been validated. The base trust level values use non-adjacent bit positions to leave room for future extension values (0x2, 0x8, 0x20).

Values

None
There is no integrity protection for the data.
HasSignature
A signature has been validated on the data. This flag is ORed into the base trust level when signature validation succeeds.
Http
The data was retrieved over an outbound network connection, but the transport was not protected. This level is also set on all data that is verified as signed by a key that was retrieved over plain http.
TLS
The data was directly retrieved from the source using a valid TLS (https) connection. This level is also set on all data that is verified as signed by a key that was retrieved over TLS/https. In most setups, this level is regarded as secure.
ConfiguredKey
The data was verified by a signature where the signing key or a strong identifier of the key (such as a SHA256 cert thumbprint) was read from configuration.
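
Because HasSignature is ORed into the base level, a plain equality test against a base value fails for signed data. The following is an added example, not code from Duende.IdentityServer, showing a policy check that masks the flag off first. The local enum is a stand-in whose numeric values are assumptions (the page only states that 0x2, 0x8 and 0x20 are left free), and TrustPolicy with its methods is a hypothetical helper.

```csharp
using System;

// Stand-in for Duende.IdentityServer.Saml.TrustLevel so the example compiles alone.
// ASSUMPTION: these numeric values are not taken from the library; the page only
// says 0x2, 0x8 and 0x20 are left free for future base levels.
[Flags]
enum TrustLevel
{
    None = 0x0,
    HasSignature = 0x1,
    Http = 0x4,
    TLS = 0x10,
    ConfiguredKey = 0x40,
}

// Hypothetical helper, not part of the library.
static class TrustPolicy
{
    // Base level with the signature flag masked off.
    public static TrustLevel BaseLevel(TrustLevel level) => level & ~TrustLevel.HasSignature;

    public static bool IsSigned(TrustLevel level) => (level & TrustLevel.HasSignature) != 0;

    // Accept only base levels on an explicit allow-list, so the check does not
    // depend on numeric ordering and rejects any future base level by default.
    public static bool Accept(TrustLevel level, bool requireSignature, params TrustLevel[] allowedBase)
    {
        if (requireSignature && !IsSigned(level)) return false;
        return Array.IndexOf(allowedBase, BaseLevel(level)) >= 0;
    }
}

static class Program
{
    static void Main()
    {
        // Constructed sample values.
        var signedByTlsKey = TrustLevel.TLS | TrustLevel.HasSignature;
        var unsignedOverHttp = TrustLevel.Http;

        // Naive equality misses signed data; masking the flag does not.
        Console.WriteLine($"naive == TLS:  {signedByTlsKey == TrustLevel.TLS}");
        Console.WriteLine($"base  == TLS:  {TrustPolicy.BaseLevel(signedByTlsKey) == TrustLevel.TLS}");

        // Policy: signed data whose key came over TLS or from configuration.
        var allowed = new[] { TrustLevel.TLS, TrustLevel.ConfiguredKey };
        Console.WriteLine($"signed/TLS:    {TrustPolicy.Accept(signedByTlsKey, true, allowed)}");
        Console.WriteLine($"unsigned/Http: {TrustPolicy.Accept(unsignedOverHttp, true, allowed)}");
    }
}
```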