Is it possible to reject SHA-1 signature at SAMLMessageSignature.Verify.
I am using public static bool Verify(XmlElement xmlElement, X509Certificate2 x509Certificate); in SAMLMessageSignature class.
It looks like this method succeeds regardless of the signature algorithm as far as any algorithm is declared in the response.
I would like to reject SHA-1 signature (weak), but I do not find such override method or configuration method.
Is it possible?