I have a ASP.NET MVC IDP site and multiple ASP.NET MVC SP sites. The SSO is being processed under SSL.
When I am setting up the IDP SAML configuration, I see inside the PartnerServiceProvider, there is an attribute of "EncryptAssertion".
I would like to ask some questions.
1. Is it required to encrypted the Assertion in IDP SSO Response?
2. What is the benefit of encrypting the Assertion?
3. I have attached the a file with sample non-encrypted SAML Response. What parts of SAML Response are being encrypted when "EncryptAssertion" is set to true?