Trust Router Protocol Flows with Existing RP/IdP Key

Owned by wqx+qmnstigwu5kzxaiskxnikzy@idp.company.ja.net
Last updated: Apr 20, 2015 by Rhys Smith (Deactivated)
1 min read

When the RP and IdP already share a valid key then the Trust Router protocol flow is, in fact, non existent. This page details this, and why.

The goal of Trust Router is to enable the RP and IdP to establish a shared key to be used for a direct RadSec connection. When this key already exists (it has already been early established by Trust Router), then the two entities can just connect without involving Trust Router at all. The diagram below shows this flow.