| Re: [higgins-dev] cardId syntax |
|
The cardId field is only used for display purposes (to differentiate a card from others), right?
Is it possible to have two cards, issued by different issuers (thus probably with two different token service endpoints), that have identical contextID, subjectId, auth triples? I don't see why not.
Jim
>>> "Paul Trevithick" <paul@xxxxxxxxxxxxxxxxx> 3/8/07 12:02 AM >>> Here at EclipseCon I got a few minutes to chat with Mike McIntosh. It prompted this email. Proposal: For Higgins CardSpace-compatible i-cards we set the "cardId" field (see 'getCardId()' in [1]) to the string value: <contextId> / <subjectId> / <auth> E.g. http://example.com/HR-dept/ptrevithick/UNPW Where: <auth> is either "UNPW", or "Personal", or "Kerberos" or "X509" The four auth values are the four allowed auth methods MSFT defined to authenticate to a card. "Personal" means using a Personal i-card. Why append the <auth> value? Because: (a) every cardId must be unique to a provider/TS and (b) a person might want to use 1<N<5 different auth methods for the same data set (i.e. the same subject within the same context) and (c) MSFT doesn't support N>1 auth methods for a single card. -Paul [1] http://wiki.eclipse.org/index.php/I-Card_Interfaces#ICard_Interface _______________________________________________ higgins-dev mailing list higgins-dev@xxxxxxxxxxx https://dev.eclipse.org/mailman/listinfo/higgins-dev |