
Vittorio Bertocci, Garrett Serack, Caleb Baker

"Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities"

../issuer/self"
>
NAME="requiredClaims"
VALUE="http://.../claims/privatepersonalidentifier"
>

type="submit"
value="Submit A Card >"
/>


Figure 4-6 Claims returned in the token
244 CardSpace Implementation
The user can either create and submit a new Personal Card or
reuse a Card that was previously created. As noted in Chapter 3,
it is perfectly fine for a user to reuse a card across sites because
the Personal Card creates a new PPID and signing key pair for
each site visited.

When the token is returned from CardSpace, it is posted to the
token-processing page and decrypted. Because the token is generated
by CardSpace's self-issued token provider, it is signed
using an RSA key. This key is generated by CardSpace when a
Personal Card is used at a site; so if the user hasn't registered the
card at the site before, there is no way for the site to recognize
it. However, it can still verify the integrity of the token by ensuring
that the signature is valid.

The token verification checks described in the previous section
apply because CardSpace generates SAML tokens for the self-issued
card.

The PPID claim can then be retrieved from the token.
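The recognition step described above can be illustrated from the site's side. This is an added example, not code from the book: it assumes decryption and signature validation have already been done by the token-processing page, and `VerifiedToken`, `card_id` and `CardRegistry` are hypothetical names. It stores the PPID together with a hash of the signing key, so a later token is recognized only when both match.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass
class VerifiedToken:
    """What the (assumed) decrypt-and-validate step hands to the site."""
    ppid: str              # value of the PPID claim
    signing_key: bytes     # RSA public key bytes that signed the token
    signature_valid: bool  # outcome of the signature check

def card_id(token):
    """Bind the PPID to the key that signed it (length prefix avoids ambiguity)."""
    h = hashlib.sha256()
    h.update(len(token.signing_key).to_bytes(4, "big"))
    h.update(token.signing_key)
    h.update(token.ppid.encode("utf-8"))
    return h.hexdigest()

class CardRegistry:
    def __init__(self):
        self._cards = {}   # ppid -> (card_id, account)

    def register(self, token, account):
        if not token.signature_valid:
            raise ValueError("token signature did not validate")
        if token.ppid in self._cards:
            raise ValueError("PPID is already registered")
        self._cards[token.ppid] = (card_id(token), account)

    def sign_in(self, token):
        """Return (status, account) for a submitted card."""
        if not token.signature_valid:
            return "rejected", None
        known = self._cards.get(token.ppid)
        if known is None:
            # Intact token, but a card this site has never seen.
            return "unregistered", None
        stored_id, account = known
        if not hmac.compare_digest(stored_id, card_id(token)):
            # Same PPID presented under a different signing key.
            return "key-mismatch", None
        return "recognized", account

# Constructed sample values, not real key material.
SAMPLE_TOKEN = VerifiedToken("ppid-constructed-001", b"\x01" * 32, True)
```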

