Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[higgins-dev] cardId syntax 
Here at EclipseCon I got a few minutes to chat with Mike McIntosh. It
prompted this email.

Proposal: For Higgins CardSpace-compatible i-cards we set the "cardId" field
(see 'getCardId()' in [1]) to the string value: 

  <contextId> / <subjectId> / <auth>

E.g. 

  http://example.com/HR-dept/ptrevithick/UNPW

Where:
  <auth> is either "UNPW", or "Personal", or "Kerberos" or "X509"

The four auth values are the four allowed auth methods MSFT defined to
authenticate to a card. "Personal" means using a Personal i-card.

Why append the <auth> value? Because: (a) every cardId must be unique to a
provider/TS and (b) a person might want to use 1<N<5 different auth methods
for the same data set (i.e. the same subject within the same context) and
(c) MSFT doesn't support N>1 auth methods for a single card.

-Paul

[1] http://wiki.eclipse.org/index.php/I-Card_Interfaces#ICard_Interface

Back to the top