[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Auth]IDsec retrieve protocol
|
From: |
Hans Zandbelt |
|
Subject: |
[Auth]IDsec retrieve protocol |
|
Date: |
Sun, 17 Mar 2002 10:04:53 +0100 |
Hi all,
Remember that we all agreed that running a web-service can
be a too heavy requirement on average users when they want
to act as a local Profile Manager?
I ended up with saying that this is an implementation issue
and the best solution would be linking a local Profile Manager
client library against the web-client. Also this library
could very well be the same as the one that a remote Profile
Manager links against his web-server. I'll actually prove
this now:
Let's add a 3rd profile retrieve protocol to the ones
defined in section 8 of the IDsec draft where I defined
http and https so far. I expected to extend it with things
like ftp and ldap but now I define the "self" protocol.
If the URI found in the Session Certificate presented by
the Profile Owner to the Profile Requester contains
"self" instead of "http" or "https", the Profile Requester
will just return a kind of "profile retrieve" response to
the Profile Owner instead of setting up a new connection
to an "http" or "https" URI. This profile retrieve "response"
will contain the Profile Requester certificate as usual.
The Profile Owner will react on this response with the same
actions as a remote or local Profile Manager manager would
do with an "http" or "https" profile retrieve request. So
in fact he will delegate it to the same Profile Manager
software and return the result to the Profile Requester.
And here we are: a local Profile Manager without running
a webserver.
The best part about this is that I can really easily implement
it in the current IDsec PHP software! I add three lines of PHP
code to return a profile retrieve response upon determination
of a "self" URI. And in the IDsec client software I merely
call the PHP executable to get the profile data delivered
from the very same PHP pages that the remote Profile Manager
may use! Quod erat demonstrandum.
Hans.
PS: I heard that PHP can be compiled to C. If I use this
and link the resulting code to the Libery Guardian plugin,
it would be cool.
- [Auth]IDsec retrieve protocol,
Hans Zandbelt <=