[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[DotGNU]Virtual Identities

From: Peter Minten
Subject: [DotGNU]Virtual Identities
Date: Wed, 06 Nov 2002 19:07:17 +0100


currently it's becoming clear how the DotGNU system will work, one part of the
system however isn't too clear: Virtual Identities (VI's). 

The way I see things is that a VI is a kind of extended vcard. It contains
personal information like name and e-mail address and it contains a public key
for encrypting information. The VI is stored on a VI server. 

When a user contacts a webservice it sends a pointer to the VI. The webservice
then contacts the VI server to check who is calling, the VI server talks a bit
with the user to check if the VI belong to the user. If that's true the VI
server sends the VI (or parts of it, configurable by the user) to the
webservice. Authorization complete.

In diagram form:
                 1                               2
+--------+ -------------> +--------------+ -------------> +-------------+
|  user  |                |  webservice  |                |  VI server  |
+--------+ <------------- +--------------+ <------------- +-------------+
  |    |         6                               5          |         |
  |    |                         4                          |         |
  |    \------------------------->--------------------------/         |
  |                                                                   |

1       User calls webservice with service request
2       Webservice calls VI server with the information user has given
3       VI server calls user with request to authenticate
4       User authenticates to VI server
(it's possible that step 3 and 4 are repeated for a more complex authentication
5       VI server sends VI to webservice
6       Webservice sends authorization complete message to user

Is this correct?



reply via email to

[Prev in Thread] Current Thread [Next in Thread]