xmlsoap.org/ws/2005/05/identity/claims/ Date of birth
dateofbirth
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/ Gender
gender
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/ URL of a
website website
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/ A site-speci?¬?c
privatepersonalidenti?¬?er identity
A Deeper Look at Information Cards
Why Would an RP Accept a Card the User Created?
At ?¬?rst glance, it seems strange that an RP would accept a card, or digital identity,
that a user created for his own use. Isn??™t it better to have a trusted IP manage
the digital identity?
It really depends on what that identity is being used for. If the claim values need
to be certi?¬?ed by a third party, such as when doing age veri?¬?cation, the card
should come from a trusted third party. However, if the card is being used to log
the user on to a site and to prove on repeat visits that it is the same user, the
Personal Card ?¬?ts the bill. The cryptographic keys generated for each Personal
Card provide strong assurance that the same card is being used. The Personal
Card can also be used in cases where the site is willing to trust the user to ?¬?ll in
190 Windows CardSpace
Note that the claims supported by Personal Cards are not very
sensitive; that is, while the information describes the person, it
does not expose his private data, such as credit card numbers,
account numbers, Social Security Number, and passwords.
Pages:
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308