Skip to main content

Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.

Jump to: navigation, search

I-Card Provider

Revision as of 00:36, 31 October 2006 by Paul.socialphysics.org (Talk | contribs) (RSS-P I-Card Provider)

Overview

  • An I-Card Provider is responsible for instantiating and managing I-Card instances (that implement the I-Card Interfaces)
  • A Provider is also responsible for importing I-Cards from serialized data formats. For example a CardSpace I-Card Provider would be responsible for being able to import CardSpace format data files.
  • A Provider must somehow configure itself with resources that may be needed by its I-Cards. For example, a CardSpace I-Card Provider must know the endpoint for the local Token Issuer (STS).
  • Different I-Card Provider implementations use different protocols for retreiving identity information. Some might use WS-Trust to request a Digital Identity from a local STS (for self-issued cards), others from a remote STS (managed cards). Still others provide RSS feeds to identity information stored in the Identity Attribute Service
  • The Higgins project is developing these types of I-Card Providers:
    • Cardspace-compatible
    • RSS-P
    • SSFF (ScreenScrapeFormFill)
    • planned: OpenID-H-compatible Managed
    • ...others

CardSpace-compatible I-Card Provider

  • This provider will support interoperability with CardSpace relying parties and CardSpace/WS-Trust compatible IdPs.
  • It will support both managed and self-issued CardSpace-compatible I-Cards
  • It will be able to import CardSpace-format managed cards

Self-issued and Managed Cards

Self-Issued Cards

  • The self-issued card instances will implement the IdASCard interface (see I-Card Interfaces)
  • The TokenIssuerCard impl code will leverage a local STS that can create Idemix compatible-tokens (in addition to the usual CardSpace-compatible token types)
  • The IdASCard impl code manages manages the metadata necessary to retreive claims that are provided to the local STS Token Issuer

RSS-P I-Card Provider

  • This provider "projects" a Digital Identity to an external site as an RSS+SSE feed. The relying site may optionally also be able to provide a feed in the reverse direction to allow the relying site to update the identity information
  • RSS-P I-Card Providers implment the I-Card, URLIssuerCard, and IdASCard interfaces

SSFF Provider

  • Implements the I-Card, IdASCard, and SSFFCard I-Card Interfaces
  • The IdASCard implementation code uses IdAS to manage the identity data that is being synchronized (via HTML scraping and form filling)
  • The SSFFCard implementation code returns to HBX the script necessary to perform screen scraping and form filling on the target site

See Also

Back to the top