Divya: my question was more about how Keystone is using PySAML2. Does it pass arbitrary user-supplied SAML XML through the library, or does it create the XML itself in ways not directly under the control of an untrusted party?
Divya: my question was more about how Keystone is using PySAML2. Does it pass arbitrary user-supplied SAML XML through the library, or does it create the XML itself in ways not directly under the control of an untrusted party?