83
SubjectConfirmation (cont.)
<Assertion>
      …
      <Subject>
              <NameID Format="urn:oasis:names:tc:1.1:nameid-format:emailAddress">
                  j.doe@acompany.com
              </NameID>
              <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
                      <SubjectConfirmationData>
                              <ds:KeyInfo> … </ds:KeyInfo>
                      </SubjectConfirmationData>
              </SubjectConfirmation>
      </Subject>
      …
</Assertion>
This provides the info that is appropriate for the Method specified. For example, the Method says that the presenter must hold a key.  A key to what? This section specifies a digital lock that the key must open.