I just uploaded a new version (0.9.8) of the openinfocard id selector. You can find it in the project's download area.
Finally we got rid of the XBL code. There are several problems with XBL; the most notable beeing that bindings are not applied to objects in the head section of the html code on the relying party.
Andrew Hodgkinson had the idea to replace the XBL by a progress listener. The progress listener gets every event while the html code is parsed and the page constructed. Clever!
I tweeked Andrew's code a little bit, but all credit goes to him. Thanks.
Further new but somewhat experimental features in this release:
- the cardstore can now be where ever the user chooses it to be (as long as Firefox can treat it like a nsILocalFile). Everything that looks like a file-system should work.
- the cardstore is now encrypted with the Firefox master password (if one is set)
- the cardstore can be on a webserver (GET and POST). This is not tested.
BTW: There is a new version (1.0.4) of the CardSpace4Firefox extension.
Special thanks to Rob Richards too. Rob was the first to adapt Andrew's code for the openinfocard selector and he tested it againt many relying parties. He built a selector selector Firefox extension that calls the actual id selector. The id selectors implement Kevin Miller's API.
I think this is a good idea but somewhat inconvenient for the user because this concept requires two extensions to be installed.
I choose another way and implemented the selector selector in both extensions: openinfocard and CardSpace4Firefox. This way each selector is self contained and does not depend on other extensions. Each extension is programmed to be "friendly" to the other extensions that use the same progress listener scheme.
My plan for the next days is to integrate DigitalMe into the selector selector. Then we have all three id selectors in one instance of Firefox. Nice.
Integrity Properties for Federations
2 weeks ago
No comments:
Post a Comment