[OpenID] ANN: OpenID Information Cards spec and workingimplementation
Broberg, Jeffrey C
Jeffrey.Broberg at ca.com
Wed Aug 22 09:25:13 PDT 2007
Does this mean that the RP will have to use SSL and provide a cert ?
jeff
> -----Original Message-----
> From: general-bounces at openid.net
> [mailto:general-bounces at openid.net] On Behalf Of Johnny Bufu
> Sent: Tuesday, August 21, 2007 11:47 PM
> To: OpenID List
> Subject: [OpenID] ANN: OpenID Information Cards spec and
> workingimplementation
>
> Hello list,
>
>
> Attached is a specification for using Information Cards and
> an Identity Selector to perform OpenID Authentication. This
> enables users of Identity Selectors to have a consistent
> experience across Information Card and OpenID sites.
>
> The requirements for a Relying Parties to support OpenID
> Information Cards are nominal; they need to:
>
> 1) Request an OpenID token, by putting an "application/x-
> informationCard" <OBJECT> element (or the XHTML equivalent)
> on their login page;
>
> 2) Extract the OpenID Authentication response from the XML
> token posted by the Identity Selector.
>
> The above are supported in the latest version of the
> OpenID4Java library. A working implementation is hosted at
> https:// openidcards.sxip.com/ along with a downloadable
> source package.
>
> The spec currently lives at https://openidcards.sxip.com/spec/openid-
> infocards.html . If it proves useful, it is our intention to
> have it hosted at openid.net.
>
>
> Abstract:
>
> This document defines a method of performing OpenID
> Authentication using Information Cards for transferring
> OpenID claims from an Information Card-enabled OpenID
> Provider to an Information Card- enabled OpenID Relying Party.
>
> Protocol flow summary:
>
> - User acquires an OpenID Information Card from their
> Information Card-enabled OP.
> - User browses to an OpenID RP.
> - User acquires an OpenID Information Card from their
> Information Card-enabled OP.
> - User browses to an OpenID RP and invokes an "application/x-
> informationCard" <OBJECT> element on the RP's login page
> - Identity selector assists the user in choosing an OpenID
> Information Card to use for logging into the RP
> - Identity selector contacts the OP/STS and retrieves a token
> that encapsulates an OpenID assertion.
> - RP extracts the OpenID Authentication response from the
> OpenID Information Card token
>
>
> Johnny
>
>
>
More information about the general
mailing list