PIN code for managed card

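In Microsoft CardSpace 1.0, a managed card can be protected with a PIN code, but the specification is vague about it: what data is actually protected? A managed card does not store claim values itself and has no master key, so there is no data that needs to be encrypted with the PIN code.

In addition, a managed card has its own way of preventing misuse, because the STS requires authentication.

For these reasons, we do not support PIN code protection for managed cards in Higgins, which differs from CardSpace. I need to test a .crds file exported from CardSpace that contains a PIN-protected managed card, to see whether any field was actually encrypted with the PIN code. If not, we will ignore PINDigest.

When discussing this issue, Microsoft's Mike Jones acknowledged that it is a document flaw. The detailed discussion can be found here:
http://mailman.netmesh.us/pipermail/osis-general/2008-April/thread.html

Some excerpts follow: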

Hi Tony,

After reviewing the ISIP, I see you have identified an inconsistency.

7.1. Pre-Encryption Transfer Format
Each information card in the transfer stream may contain metadata maintained by the originating identity selector in addition to the original information card metadata. If an identity selector includes a co-resident self-issued identity provider (described in Section, an exported self-issued card may also contain key material as well as any associated claims information. This information is referred to as the “information card private data”. For managed information cards, the private data is absent as that data resides at the managed identity provider.


The highlighted statement isn’t completely accurate. I think what was meant here was the claim values are not present for managed cards. However, there actually is a masterkey in managed card, that is created when the .crd is imported (which also means there is an ‘information card private data’ element for managed cards.) ISIP Section 4.3.4.1 describes how this masterkey from a managed card is used to calculate the ClientPseudonym, which is included in the RST to the IP, when an RP requests a PPID.

I'm glad we're finding these nits due to the interop.  That way Mike can fix them in revision of the ISIP that he's working on.

Thanks,
Caleb
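
One way to run the check described in the post, as an added example rather than code from Higgins or CardSpace: it walks an already-decrypted export and lists, for each managed card that carries a PinDigest, which private-data fields are present, so a PIN-protected export can be compared with a non-PIN export of the same card. The element names (RoamingStore, RoamingInformationCard, InformationCardMetaData, InformationCardPrivateData, MasterKey, CardName, IsSelfIssued, PinDigest) and the namespace are assumptions recalled from the ISIP transfer format, and the store content is constructed.

```python
import base64
import xml.etree.ElementTree as ET

KEY = base64.b64encode(bytes(32)).decode()  # constructed placeholder key material
PRIV = f"<InformationCardPrivateData><MasterKey>{KEY}</MasterKey></InformationCardPrivateData>"

def _card(name, self_issued, pin):
    # One constructed card entry; element names are assumptions, not verified.
    digest = "<PinDigest>Y29uc3RydWN0ZWQ=</PinDigest>" if pin else ""
    return ("<RoamingInformationCard><InformationCardMetaData>"
            f"<CardName>{name}</CardName><IsSelfIssued>{self_issued}</IsSelfIssued>"
            f"{digest}</InformationCardMetaData>{PRIV}</RoamingInformationCard>")

SAMPLE_STORE = ('<RoamingStore xmlns="http://schemas.xmlsoap.org/ws/2005/05/identity">'
                + _card("managed-pin", "false", True)
                + _card("managed-nopin", "false", False)
                + _card("self-issued-pin", "true", True)
                + "</RoamingStore>")

def _local(tag):
    # Strip the "{namespace}" prefix ElementTree puts on tag names.
    return tag.rsplit("}", 1)[-1]

def _child(parent, name):
    if parent is None:
        return None
    return next((c for c in parent if _local(c.tag) == name), None)

def audit_store(xml_text):
    """Summarise every card: managed or not, PinDigest present, private fields."""
    findings = []
    for card in ET.fromstring(xml_text):
        if _local(card.tag) != "RoamingInformationCard":
            continue
        meta = _child(card, "InformationCardMetaData")
        priv = _child(card, "InformationCardPrivateData")
        key = _child(priv, "MasterKey")
        self_issued = (_child(meta, "IsSelfIssued").text or "").strip() in ("true", "1")
        findings.append({
            "name": _child(meta, "CardName").text,
            "managed": not self_issued,
            "pin_digest": _child(meta, "PinDigest") is not None,
            "private_fields": [_local(c.tag) for c in priv] if priv is not None else [],
            "master_key_len": len(base64.b64decode(key.text)) if key is not None else None,
        })
    return findings

def managed_pin_cards(findings):
    # Managed cards with a PinDigest: the ones whose private fields need inspecting.
    return [f for f in findings if f["managed"] and f["pin_digest"]]
```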