In chapter 2 of the code 5 drop you said:
"...The token includes something called a proof key. This is a symmetric key randomly generated by the issuer and included as part of the RSTR so that the client gets a copy as well.
Now it's up to the client to send the token to the Web service in the <Security> header of the SOAP envelope. The client must sign the SOAP headers (one of which is a timestamp) with the proof key to show that it knows the key. This extra cryptographic evidence further assures the Web service that the caller was, indeed, the one who was issued the token in the first place..."
How does the service validate the proof key signature if the STS randomly created the proof key? Is this per-RST, or is the proof key persistent and created when the RP is trusted to the STS? By random do you mean randomly created when the trust is established?
Or does the RP FAM actually call out to the STS when validating the token to verify the proof key?
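The issue / present / verify exchange the quoted passage describes, modeled end to end as an added example; this is not code from the book, from WIF, or from the question's author. The quoted text says the token itself includes the proof key and that the RSTR also hands the client a copy, and that is what the example does: the STS draws a fresh key per RST, seals one copy inside the token for the RP and returns a second copy to the client, and the RP recovers the key from the token it can open, so it never has to call back to the STS. Everything uses only the Python standard library. The protection of the token between STS and RP is modeled with a shared symmetric key (an HMAC-SHA256 counter-mode keystream plus an HMAC tag); that construction is an assumption standing in for the certificate-based XML Encryption and XML Signature a real STS would apply. The names `STS`, `client_build_message`, `rp_verify` and `rp_accepts` are this example's own.

```python
import base64
import hashlib
import hmac
import json
import os


def _b64(data: bytes) -> str:
    return base64.b64encode(data).decode()


def _unb64(text: str) -> bytes:
    return base64.b64decode(text)


def _prf(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 in counter mode as a stdlib-only PRF stream. Assumption:
    this stands in for the XML Encryption to the RP's certificate that a real
    STS would use to seal the token; XOR makes encrypt and decrypt the same call."""
    stream = b"".join(_prf(key, nonce + i.to_bytes(4, "big"))
                      for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, stream))


class STS:
    """Issuer: answers an RST with an RSTR carrying the token and the proof key."""

    def __init__(self, rp_key: bytes):
        # Assumption: a key shared with the relying party, modeling the RP
        # certificate the STS would really encrypt the token to.
        self.rp_key = rp_key

    def issue(self, subject: str, now: int) -> dict:
        proof_key = os.urandom(32)          # fresh on every RST, never persisted
        nonce = os.urandom(16)
        claims = {"subject": subject, "issued": now,
                  "proof_key": _b64(proof_key)}   # copy 1: sealed inside the token
        plain = json.dumps(claims, sort_keys=True).encode()
        ct = _keystream_xor(self.rp_key, nonce, plain)
        mac = _prf(self.rp_key, b"token|" + nonce + ct)   # encrypt-then-MAC
        token = {"nonce": _b64(nonce), "ct": _b64(ct), "mac": _b64(mac)}
        return {"token": token, "proof_key": proof_key}   # RSTR: copy 2 for the client


def _canonical(headers: dict) -> bytes:
    return json.dumps(headers, sort_keys=True).encode()


def client_build_message(rstr: dict, to: str, now: int) -> dict:
    """Client: put the token in <Security> and sign the headers, including the
    Timestamp, with the proof key taken from the RSTR."""
    headers = {"To": to, "Timestamp": now}
    sig = _prf(rstr["proof_key"], b"headers|" + _canonical(headers))
    return {"headers": headers, "token": rstr["token"], "signature": _b64(sig)}


def rp_verify(message: dict, rp_key: bytes, now: int, max_age: int = 300) -> str:
    """Relying party: open the token, pull the proof key out of it, then check
    the holder-of-key signature and the timestamp. No round trip to the STS."""
    tok = message["token"]
    nonce, ct, mac = _unb64(tok["nonce"]), _unb64(tok["ct"]), _unb64(tok["mac"])
    if not hmac.compare_digest(mac, _prf(rp_key, b"token|" + nonce + ct)):
        raise ValueError("token integrity check failed")
    claims = json.loads(_keystream_xor(rp_key, nonce, ct))
    proof_key = _unb64(claims["proof_key"])
    expected = _prf(proof_key, b"headers|" + _canonical(message["headers"]))
    if not hmac.compare_digest(expected, _unb64(message["signature"])):
        raise ValueError("proof-of-possession signature invalid")
    if abs(now - message["headers"]["Timestamp"]) > max_age:
        raise ValueError("timestamp outside freshness window")
    return claims["subject"]


def rp_accepts(message: dict, rp_key: bytes, now: int) -> bool:
    """Boolean wrapper around rp_verify for callers that only need accept/reject."""
    try:
        rp_verify(message, rp_key, now)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    rp_key = os.urandom(32)
    sts = STS(rp_key)
    now = 1_700_000_000
    rstr = sts.issue("alice", now)
    msg = client_build_message(rstr, "https://rp.example/svc", now)
    print("accepted subject:", rp_verify(msg, rp_key, now))
    # A thief holding only the token cannot produce the header signature.
    stolen = client_build_message({"token": rstr["token"], "proof_key": b"k" * 32},
                                  "https://rp.example/svc", now)
    print("replay without proof key accepted:", rp_accepts(stolen, rp_key, now))
```

Two calls to `issue` yield two different proof keys, which is the per-RST behaviour the quoted passage describes; a message built with a copied token but without the matching key fails the signature check, and a correctly signed message presented long after its Timestamp fails the freshness check.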