Setting up a quick & dirty STS which supports smartcard backed managed cards… using Zermatt | CloudIdentity


http://www.cloudidentity.com/blog/2008/07/17/SETTING-UP-A-QUICK-DIRTY-STS-WHICH-SUPPORTS-SMARTCARD-BACKED-MANAGED-CARDS-USING-ZERMATT/

Long ago, folks knew that getscope had a inbound-token-validation design purpose. Of course it doesn’t really show till you do async  methods. Only then do u get the handle on the full “scope” : that in tge given rst and that in the (multiple) operation context -extensions- -extensions-that behaviors may have established.

You might set the rp cert (for token encryption) based on a behaviour that looked at the client cert of the transporting channel … and its root certs.  … driving thereby cert selection based on both audience name and the country authenticating the transport channel’s cert.

Hmm. 2008. Piv cards. National id. Zermatt…

Advertisements

About home_pw@msn.com

Computer Programmer who often does network administration with focus on security servers. Very strong in Microsoft Azure cloud!
This entry was posted in coding theory. Bookmark the permalink.