[Figure: diagram with labels IP, RP, SAML tokens carrying Claim 1 and Claim 2, WS-Policy, WS-Security Policy, WS-Security, WS-Mex and WS-Trust, with steps numbered 1 to 6.]
Figure 2-7 The schema of the canonical identity transaction, showing
which WS-* standards are used for implementing every step
Presenting Windows CardSpace 161
The preceding sequence uses only technologies that are already widely
available today, yet all the requirements imposed by the
Identity Metasystem are preserved. If all parties understand WS-*,
a requirement that does not mandate any particular platform
per se, the negotiation capabilities of WS-Policy and WS-MetadataExchange
guarantee that if there is a match among the
parties, it will be found. WS-Security ensures that the specific
technologies are properly tunneled while maintaining a common
abstract protocol, whereas WS-Trust guarantees that if there
is a trust path between parties, the system will be able to exploit
it for flowing identity information.
Brokered Trust
The case of brokered trust is analogous to the one described in
the section "The Dance of Identity."