The authentication was performed by means of the Kerberos protocol [RFC 1510],
an instantiation of the Needham-Schroeder symmetric key authentication mechanism [Needham78].
Locates an assertion containing a "bearer" AuthenticationStatement in
the response and validates the enclosing assertion with respect to the
POST profile
Indicates a key or certificate subclass type is incompatible with the
provider's policies, or a cryptographic problem was found while processing a
message.
Indicates that a SAML construct is invalid "on its face", based on the
information available in the XML or the external constraints imposed on its
use.