Notice: This Wiki is now read only and edits are no longer possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Difference between revisions of "R-Card"
(→R-Card Extension to the ISIP-M-Card XML Schema) |
(→R-Card Functionality) |
||
Line 3: | Line 3: | ||
== R-Card Functionality == | == R-Card Functionality == | ||
− | An r-card is a superset of the functionality of an | + | An r-card is a superset of the functionality of an ISIP-M-card as defined by the [http://download.microsoft.com/download/1/1/a/11ac6505-e4c0-4e05-987c-6f1d31855cd2/Identity-Selector-Interop-Profile-v1.pdf MS ISIP] specification. The differences are: |
* Both r-cards and m-cards include a pointer to the issuer's STS for obtaining a security token, but an r-card includes a '''second''' pointer: a Higgins [[Relation]] to the [[Digital Subject]] to which the r-card applies. This relation is provisioned by the r-card issuer, and points to the [[Digital Subject]] in the [[Context]] designated by the issuer. | * Both r-cards and m-cards include a pointer to the issuer's STS for obtaining a security token, but an r-card includes a '''second''' pointer: a Higgins [[Relation]] to the [[Digital Subject]] to which the r-card applies. This relation is provisioned by the r-card issuer, and points to the [[Digital Subject]] in the [[Context]] designated by the issuer. |
Revision as of 17:45, 27 January 2008
About
This page provides the Higgins definition of an r-card ("relationship card").
R-Card Functionality
An r-card is a superset of the functionality of an ISIP-M-card as defined by the MS ISIP specification. The differences are:
- Both r-cards and m-cards include a pointer to the issuer's STS for obtaining a security token, but an r-card includes a second pointer: a Higgins Relation to the Digital Subject to which the r-card applies. This relation is provisioned by the r-card issuer, and points to the Digital Subject in the Context designated by the issuer.
- An r-card capable Selector receiving this r-card can resolve the ContextId of the Relation (see that page for details) to discover the Context Provider configuration metadata necessary to communicate with this context.
- R-card data sharing relationships will work with any Context to which the Selector accepting the r-card can speak. For the greatest interoperability, r-card issuers can use Contexts specifically designed for generalized cross-domain data sharing such as XDI.
R-Card Extension to the ISIP-M-Card XML Schema
The only extension necessary is a single XML element, higgins:Relation whose content is a string (URI). Following are examples of such an element:
RelationURI:
<higgins:Relation>http://ldap.example.com/ldap.xrds#username</higgins:Relation>
RelationXRI (using XRI 2.0 syntax):
<higgins:Relation>xri://=example.name/($context)*($ldap)//username</higgins:Relation>