I'm using the SAML2.0 Protocol extension in a Proof of Concept to connect an ASP.net web application frontend to a Ping Federate IdP. The metadata from Ping Federate contains an XMLDSIG element which describes which signing algorithm the IdP is using. In my case that is SHA-1, but it seems to be ignored, because when I turn on verbose logging for WIF, I notice that the SAML message contains a SHA-256 signature. When I change the setting to SHA-256 in Ping Federate everything works fine, but on SHA-1 I keep getting message ID4037 (don't have the actual message on my screen, but it says that it can't access the certificate needed to check the signature).
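A diagnostic for the mismatch described in the question, as an added example that is not part of the original post: it lists the `SignatureMethod` and `DigestMethod` algorithms declared in each `ds:Signature` of a metadata document and of a captured SAML message so the two can be compared. The function names and the XML samples are constructed for illustration, and the script reads declared algorithms only, without verifying any signature.

```python
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"
# Well-known XMLDSIG algorithm URIs mapped to short labels.
NAMES = {
    "http://www.w3.org/2000/09/xmldsig#rsa-sha1": "RSA-SHA1",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256": "RSA-SHA256",
    "http://www.w3.org/2000/09/xmldsig#sha1": "SHA-1",
    "http://www.w3.org/2001/04/xmlenc#sha256": "SHA-256",
}

def signature_algorithms(xml_text):
    """Return [(signature_alg, [digest_algs])], one entry per ds:Signature.
    Reads the declared algorithms only; it does not verify any signature."""
    found = []
    for sig in ET.fromstring(xml_text).iter(DS + "Signature"):
        method = sig.find(f"{DS}SignedInfo/{DS}SignatureMethod")
        uri = method.get("Algorithm") if method is not None else None
        digests = [NAMES.get(d.get("Algorithm"), d.get("Algorithm"))
                   for d in sig.iter(DS + "DigestMethod")]
        found.append((NAMES.get(uri, uri), digests))
    return found

def compare(metadata_xml, message_xml):
    """Report the algorithms in both documents and whether they agree."""
    meta = signature_algorithms(metadata_xml)
    msg = signature_algorithms(message_xml)
    return {"metadata": meta, "message": msg, "match": bool(meta) and meta == msg}

def _sample(sig_uri, digest_uri):
    # Constructed, minimal signed document (no real signature value or key).
    return ('<Doc xmlns:ds="http://www.w3.org/2000/09/xmldsig#">'
            '<ds:Signature><ds:SignedInfo>'
            f'<ds:SignatureMethod Algorithm="{sig_uri}"/>'
            f'<ds:Reference><ds:DigestMethod Algorithm="{digest_uri}"/></ds:Reference>'
            '</ds:SignedInfo></ds:Signature></Doc>')

# Constructed inputs mirroring the question: SHA-1 in metadata, SHA-256 in the message.
METADATA = _sample("http://www.w3.org/2000/09/xmldsig#rsa-sha1",
                   "http://www.w3.org/2000/09/xmldsig#sha1")
MESSAGE = _sample("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
                  "http://www.w3.org/2001/04/xmlenc#sha256")

if __name__ == "__main__":
    print(compare(METADATA, MESSAGE))
```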