[higgins-dev] CardStore and Context Requirements

CardStore Requirements

- Fast lookups for RP policy matching (potentially not requiring 
re-parsing of cards):
        Issuer URI
        Token Type URI(s)
        Supported Claims
 
- Editable "Name"

- For all Cards, equivalent of CardSpace's 
RoamingStore/RoamingInformationCard/InformationCardMetaData/* (see TechRef 
section 8.1):
        PinDigest (Protected Sensitive)
        HashSalt (Protected Sensitive)
        TimeLastUpdated

- For Personal Cards, equivalent of CardSpace's 
RoamingStore/RoamingInformationCard/InformationCardPrivateData/* (see 
TechRef section 8.1):
        MasterKey (Protected Sensitive) - not readable by anyone other 
than Issuer

- For Personal Cards:
        Credential for Context open (Protected Sensitive)

Context Requirements

- For all Cards, need to store an IdP private - not readable by anyone 
other than Issuer - HashSalt value

I am not 100% sure I followed the description of how sensitive CardStore 
information would be protected (on Windows, Mac, and Linux).

Can someone please respond with a description via email?

Also could someone please respond with an estimate for when we can get 
support for ALL of the above requirements in a CardStore implementation?

Until we securely support the two HashSalt values, we cannot provide a 
secure solution.


Thanks,
Mike
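
An added example, not part of the original message and not Higgins code: one way to meet the fast-lookup requirement above is to extract Issuer URI, Token Type URIs and Supported Claims once at import and index them, so RP policy matching never re-parses a card. All class, function and card names are hypothetical and the two sample cards are constructed; the Protected Sensitive fields are deliberately kept out of the index.

```python
from collections import defaultdict
from dataclasses import dataclass

CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"
SELF_ISSUER = "http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self"
SAML_TOKEN = "urn:oasis:names:tc:SAML:1.0:assertion"

@dataclass(frozen=True)
class CardSummary:
    """Non-sensitive fields extracted once at import (hypothetical record)."""
    card_id: str
    name: str            # editable display name, not part of policy matching
    issuer: str
    token_types: frozenset
    claims: frozenset

class CardIndex:
    """Inverted index (field, URI) -> card ids; holds no PinDigest/HashSalt/MasterKey."""
    def __init__(self):
        self._cards = {}
        self._index = defaultdict(set)

    @staticmethod
    def _keys(card):
        return ([("issuer", card.issuer)]
                + [("token", t) for t in card.token_types]
                + [("claim", c) for c in card.claims])

    def remove(self, card_id):
        card = self._cards.pop(card_id, None)
        for key in self._keys(card) if card else ():
            self._index[key].discard(card_id)

    def add(self, card):
        self.remove(card.card_id)  # re-import replaces stale index entries
        self._cards[card.card_id] = card
        for key in self._keys(card):
            self._index[key].add(card.card_id)

    def match(self, issuer=None, token_type=None, required_claims=()):
        """Ids of cards satisfying an RP policy; None means the RP accepts any."""
        wanted = [("claim", c) for c in required_claims]
        wanted += [("issuer", issuer)] if issuer is not None else []
        wanted += [("token", token_type)] if token_type is not None else []
        hits = set(self._cards)
        for key in wanted:
            hits &= self._index.get(key, set())
        return sorted(hits)

def build_sample_index():
    """Two constructed cards: one personal (self-issued), one managed."""
    idx = CardIndex()
    idx.add(CardSummary("card-1", "Personal", SELF_ISSUER, frozenset({SAML_TOKEN}),
                        frozenset({CLAIMS + "emailaddress", CLAIMS + "givenname"})))
    idx.add(CardSummary("card-2", "Work", "https://idp.example.com/sts",
                        frozenset({SAML_TOKEN}), frozenset({CLAIMS + "emailaddress"})))
    return idx
```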

