> Yes, but that metadata doesn't include the key (pun intended) piece of > metadata, the KeyDescriptors. SAML metadata can be used to establish the > trust layer. Clarifying, I didn't mean the trust between the WSC and the WSP, the IdP/DS/whatever can broker that part through the tokens themselves. -- Scott