These properties are used by the website to
describe the type of information the site requires in the token it
gets from CardSpace. This includes being able to request who
issues the token (who the signing authority is for the token),
which claims should be included in the token, and what the
format of the token should be.
Issuer
The issuer property on the extension is used to specify who the
website wants the token to be issued by. This could be a selfissued
token, or some other issuer. CardSpace will enable any
cards that are backed by the requested issuer. If a site wants the
user to use a Personal Card, the issuer should be set to the selfissued
URI, "http://schemas.xmlsoap.org/ws/2005/05/
identity/issuer/self". If the site wants a Managed Card to
be used, issuer should be set to the issuer of that card.
The token can be
posted as part of a
standard form
The site can express
the requirements for
the requested token
Using CardSpace in the Browser 229
CardSpace determines the URI of an issuer by the value of the
issuer element in the Managed Card ?¬?le (see the section
???Makeup of a Managed Card??? in Chapter 3, ???Windows
CardSpace???). This can be any valid URI the Managed Card
provider has chosen to represent themselves with, such as
"http://issuer/departmento?¬‚icensing".
Pages:
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350