[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
[higgins-dev] Notes from higgins-dev call June 8 2006
|
Attendees: BrianGershon(Interra), KevinTurner(JainRain),
PaulTrevithick(SocialPhysics), MaryRuddy(SocialPhysics), JanCamenisch(IBM),
RajN(IBM), BrianCarrol(Serena), MikeMcIntosh(IBM)
Status of STS integration (MikeM)
---------------------------------
- still working on getting the Relying Party cert
- we think we know how to do get the cert
- Kim Cameron is fixing some bugs in his blog relying site
- This is the site we're testing with (it may be the only one)
Status of PIP/HBX working with BrianG (Interra)
-----------------------------------------------
- discussion of RSS-P and form filling integration
Discussion of STS capabilities
------------------------------
- Kim's blog takes a few short cuts
- The <object> tag tells you who needs to issue the token, required claims,
and type of token
- But you are supposed to also be able to find out the security policy of
the RP site
- This is not yet supported now.
- The convention he created is use his website's SSL cert as the key to
encrypt the token
- Brian: how will the STS be extended? Mike: continued development is
planned after we get past demos
To-dos
------
* Paul said he would verify that the RSS-P URL's id that HBX posts to the RP
site is a constant for that user