imi message

Subject: RE: [imi] Question regarding encryption

From: "Scott Cantor" <cantor.2@osu.edu>
To: "'John Bradley'" <jbradley@mac.com>, "'Mario Ivkovic'" <mario.ivkovic@a-sit.at>
Date: Mon, 7 Dec 2009 14:06:25 -0500

John Bradley wrote on 2009-12-07:
> Cardspace but not as I understand it Cardspace 2 (Yet) will support KoK
via
> a RP/STS. So the RP site must Run a STS to transform the HoK token to a
bearer
> token for the form post.

Right, that needs to get fixed.
 
> What users public key?   In IMI there isn't one except for p-cards.

Anything that's not p-cards is a function of implementation and profiling. I
don't believe the surrounding profile constraints how a client/selector can
manage keys and use them in the flows with managed cards, does it?

And to be clear, yes, I'm trying to find the time to propose a specific set
of changes for this to the 1.1 profile.

-- Scott

References:
- [OASIS Issue Tracker] Created: (IMI-25) ic09:X509Principal andic09:X509SubjectAndIssuer introduced in locations that violate IMI 1.0schema
  - From: OASIS Issues Tracker <workgroup_mailer@lists.oasis-open.org>
- Question regarding encryption
  - From: Mario Ivkovic <mario.ivkovic@a-sit.at>
- Re: [imi] Question regarding encryption
  - From: John Bradley <jbradley@mac.com>
- Re: [imi] Question regarding encryption
  - From: Mario Ivkovic <mario.ivkovic@a-sit.at>
- Re: [imi] Question regarding encryption
  - From: John Bradley <jbradley@mac.com>
- Re: [imi] Question regarding encryption
  - From: John Bradley <jbradley@mac.com>
- Re: [imi] Question regarding encryption
  - From: Mario Ivkovic <mario.ivkovic@a-sit.at>
- Re: [imi] Question regarding encryption
  - From: John Bradley <jbradley@mac.com>