6
Security is Achieved by Exchanging
Documents
<AuthnRequest>
<Subject
>___</Subject>
</AuthnRequest>
service
provider
Identity
provider
<Response>
<Assertion>
<Subject
>____</Subject>
<AuthnStatement
AuthnInstant="___">____</AuthnStatement>
</Assertion>
</Response>
"What
authentication information do you have for
this ___ subject?"
"This ___ subject was authenticated by this ___
mechanism,
at this ___ datetime"
The request document
The response document