Skip to main content
Jump to: navigation, search

Difference between revisions of "R-Card"

(New page: == About == This page provides the Higgins definition of an '''r-card''' ("relationship card"). == R-Card Functionality == An r-card is a superset of the functionality of an m-card as def...)
 
(R-Card Functionality)
Line 3: Line 3:
  
 
== R-Card Functionality ==
 
== R-Card Functionality ==
An r-card is a superset of the functionality of an m-card as defined by the MS ISIP specification. The differences are:
+
An r-card is a superset of the functionality of an m-card as defined by the [http://download.microsoft.com/download/1/1/a/11ac6505-e4c0-4e05-987c-6f1d31855cd2/Identity-Selector-Interop-Profile-v1.pdf MS ISIP] specification. The differences are:
  
 
* Both r-cards and m-cards include a pointer to the issuer's STS for obtaining a security token.
 
* Both r-cards and m-cards include a pointer to the issuer's STS for obtaining a security token.
 
* An r-card includes a second pointer: a Higgins [[Relation]] to the [[Digital Subject]] to which the r-card applies. This relation is provisioned by the r-card issuer, and points to the [[Digital Subject]] in the [[Context]] designated by the issuer.
 
* An r-card includes a second pointer: a Higgins [[Relation]] to the [[Digital Subject]] to which the r-card applies. This relation is provisioned by the r-card issuer, and points to the [[Digital Subject]] in the [[Context]] designated by the issuer.
* An r-card capable [[Selector]] receiving this r-card can resolve the [[ContextId]] of the [[Relation]] (see that page for details) to discover the data sharing protocol by which the selector can communicate with the designated context. Any protocol can be used; [[XDI]] is one protocol designed for this purpose.
+
* An r-card capable [[Selector]] receiving this r-card can resolve the [[ContextId]] of the [[Relation]] (see that page for details) to discover the [[Context Provider]] configuration metadata necessary to communicate with this context.
 +
* R-card data sharing relationships will work with any [[Context]] to which the [[Selector]] accepting the r-card can speak. For the greatest interoperability, r-card issuers can use [[Context]]s specifically designed for generalized cross-domain data sharing such as [[XDI]].
  
 
== R-Card Extension to the M-Card Schema ==
 
== R-Card Extension to the M-Card Schema ==

Revision as of 04:04, 26 January 2008

About

This page provides the Higgins definition of an r-card ("relationship card").

R-Card Functionality

An r-card is a superset of the functionality of an m-card as defined by the MS ISIP specification. The differences are:

  • Both r-cards and m-cards include a pointer to the issuer's STS for obtaining a security token.
  • An r-card includes a second pointer: a Higgins Relation to the Digital Subject to which the r-card applies. This relation is provisioned by the r-card issuer, and points to the Digital Subject in the Context designated by the issuer.
  • An r-card capable Selector receiving this r-card can resolve the ContextId of the Relation (see that page for details) to discover the Context Provider configuration metadata necessary to communicate with this context.
  • R-card data sharing relationships will work with any Context to which the Selector accepting the r-card can speak. For the greatest interoperability, r-card issuers can use Contexts specifically designed for generalized cross-domain data sharing such as XDI.

R-Card Extension to the M-Card Schema

The only extension necessary is a single element, Relation, from the Higgins namespace. Following are examples of such an element:

RelationURI:

<higgins:Relation>http://ldap.example.com/ldap.xrds#username</higgins:Relation>

RelationXRI (using XRI 2.0 syntax):

<higgins:Relation>xri://=example.name/($context)*($ldap)//username</higgins:Relation>

Back to the top