[OpenID] ANN: OpenID Information Cards spec and workingimplementation

Broberg, Jeffrey C Jeffrey.Broberg at ca.com
Wed Aug 22 09:25:13 PDT 2007


Does this mean that the RP will have to use SSL and provide a cert ?

jeff 

> -----Original Message-----
> From: general-bounces at openid.net 
> [mailto:general-bounces at openid.net] On Behalf Of Johnny Bufu
> Sent: Tuesday, August 21, 2007 11:47 PM
> To: OpenID List
> Subject: [OpenID] ANN: OpenID Information Cards spec and 
> workingimplementation
> 
> Hello list,
> 
> 
> Attached is a specification for using Information Cards and 
> an Identity Selector to perform OpenID Authentication. This 
> enables users of Identity Selectors to have a consistent 
> experience across Information Card and OpenID sites.
> 
> The requirements for a Relying Parties to support OpenID 
> Information Cards are nominal; they need to:
> 
> 1) Request an OpenID token, by putting an "application/x- 
> informationCard" <OBJECT> element (or the XHTML equivalent) 
> on their login page;
> 
> 2) Extract the OpenID Authentication response from the XML 
> token posted by the Identity Selector.
> 
> The above are supported in the latest version of the 
> OpenID4Java library. A working implementation is hosted at 
> https:// openidcards.sxip.com/ along with a downloadable 
> source package.
> 
> The spec currently lives at  https://openidcards.sxip.com/spec/openid-
> infocards.html . If it proves useful, it is our intention to 
> have it hosted at openid.net.
> 
> 
> Abstract:
> 
> This document defines a method of performing OpenID 
> Authentication using Information Cards for transferring 
> OpenID claims from an Information Card-enabled OpenID 
> Provider to an Information Card- enabled OpenID Relying Party.
> 
> Protocol flow summary:
> 
> - User acquires an OpenID Information Card from their 
> Information Card-enabled OP.
> - User browses to an OpenID RP.
> - User acquires an OpenID Information Card from their 
> Information Card-enabled OP.
> - User browses to an OpenID RP and invokes an "application/x- 
> informationCard" <OBJECT> element on the RP's login page
> - Identity selector assists the user in choosing an OpenID 
> Information Card to use for logging into the RP
> - Identity selector contacts the OP/STS and retrieves a token 
> that encapsulates an OpenID assertion.
> - RP extracts the OpenID Authentication response from the 
> OpenID Information Card token
> 
> 
> Johnny
> 
> 
> 


More information about the general mailing list