*
realj...@gmail.com <
realj...@gmail.com> [2018-05-04 17:19]:
> I am using SimpleSAMLphp as an IdP and I want that each incoming
> AuthnRequest is signed by the service provider *and* that the IdP
> validates these signatures.
What problem do you intend to solve by insisting on signed requests
(or by rejecting unsigned requests)?
-peter