shibboleth-dev - RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?
Subject: Shibboleth Developers
List archive
- From: "Scott Cantor" <>
- To: <>
- Subject: RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?
- Date: Sun, 27 Jul 2008 23:18:49 -0400
- Organization: The Ohio State University
> Why? What's the app going to do with this public key?
I don't think we know enough to answer that question. For one thing, that
STS is usable with holder of key credentials on non-browser scenarios.
> We don't deliver to
> apps the credentials used by IdPs when they authnticate.
No, but that's because the SP's job is to authenticate the IdP for the
application. Here it can't do that.
> Seems to me that
> this credential is nothing but a validation that the other information
comes
> from the same user as used the site before. I suggest that a 128 bit
> hash of the public key ought to be enough information. It's an identifier
> and nothing more.
I don't think there's any reason to reduce the amount of information
provided when it's easier to provide the actual key. You're starting (I
think) with a KeyInfo that the C++ code already knows how to turn into DER.
Giving it something else is more work, not less.
-- Scott
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Peter Williams, 07/25/2008
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Jim Fox, 07/25/2008
- Re: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Scott Cantor, 07/26/2008
- Re: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Jim Fox, 07/27/2008
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Scott Cantor, 07/27/2008
- Re: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Jim Fox, 07/27/2008
- Re: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Scott Cantor, 07/26/2008
- RE: [Shib-Dev] how to deliver personal infocard keyinfo to app?, Jim Fox, 07/25/2008
Archive powered by MHonArc 2.6.16.