[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Auth]ping
|
From: |
Hans Zandbelt |
|
Subject: |
Re: [Auth]ping |
|
Date: |
Mon, 18 Feb 2002 08:52:45 +0100 |
Timothy,
> Hello all. I have not seen much traffic on this list
> in a while. I was wondering how work on IDSec is
> progressing?
I'm working on a PHP implementation of the server
side components; this will serve as the reference
implementation for IDsec. I will finish it this month.
We have also developed a "native" Apache module which
is in alpha testing phase now.
I've constructed an installation manual for the Java
demo implementation and I'm currently updating the
code so that it is compatible with the PHP implementation.
Code is available via http://idsec.sourceforge.net
but be aware that there has not been a release yet;
the CVS code may be broken (as a matter of fact it
is now, but I'll fix it today).
> 1. How will IDSec plug into the DotGNU platform? I
> read on an earlier post that an Apache IDSec module
> was being developed. Will it talk to the SEE, or some
> other mechanism?
I have not done any DotGNU specific work on IDsec.
I guess the DotGNU auth module will talk to
the SEE, so IDsec would have to be adapted for that.
> 2. How do we sell a Virtual Identities (and Auth
> DotGNU) solution to a wider audience - businesses,
> governments, etc. These people have been bombarded
> with news about Passport and Sun's Liberty project.
> How do we get the word out there?
I'm in contact with IETF and a Project Liberty member
organization and they are reviewing the IDsec draft; their
initial response has been quite positive.
In a few weeks/months I will prepare an update of the Internet
Draft specification; this could serve as input for
standardization.
> 3. When a client first goes to an IDSec site, how will
> a Content Provider know that a client is using an
> IDSec system (I'm assuming the client made an HTTP
> request to this site)?
The Profile Requester (Content Provider is old terminology now)
will initiate a handshake with the IDsec enabled client.
For web-clients this will consist of a HTTP redirect message
with a cookie that will be interpreted and altered by an IDsec
enabled client or transparently passed by a non-IDsec aware
client.
Hans.
- [Auth]ping, Timothy Washington, 2002/02/17
- Re: [Auth]ping,
Hans Zandbelt <=