Explore a critical vulnerability affecting SAML-based Single Sign-On (SSO) systems in this 41-minute Black Hat conference talk. Delve into the technical details of XML signatures, SAML implementations, and their potential security flaws. Learn about the discovery process, timeline, and implications of this vulnerability that impacts multiple libraries underpinning many SSO systems. Understand the threat model, exploitation techniques, and remediation strategies for the truncation vulnerability in SAML assertions. Gain insights into programmable identity and additional tricks that can compromise SSO security. Suitable for security professionals and developers working with SSO systems.