问题描述

确定卡空间已用尽.那么好吧！卡空间长(如openid连接).但是openid connect永远不会是卡片空间，因此它与Web服务和绑定紧密链接.

Ok cardspace is dead. so ok! long live cardspace (as openid connect). But openid connect will never quite be cardspace, so tightly linked in with web services and bindings.

在dotnet 4,5中，cardspace-时代机制还剩下什么

So to whats left of cardspace-era mechanisms in dotnet 4,5

暴露带有已发行令牌凭证类型的wshttp绑定的svc和具有绑定到wsfederation的第二终结点(其中sts地址为"any")的同一svc之间有什么区别? (在逻辑上调用Cardspace和IDP选择， 给定的声明元数据匹配)?

What is the difference on the wire between a svc exposing wshttpbinding with issuedtoken credential type, and that same svc with a second endpoint bound to wsfederation where the sts address is "any" (logically invoking cardspace and idp selection, given claims metadata matching)?

在后者中，saml令牌ocCurs(带有证明令牌)支持完整的安全对话.那前者呢?仅仅是肥皂标头中的saml承载令牌，可以使用服务证书进行加密以进行非对称密钥传输吗?

In the latter, full secureconversation supported by saml token ocCurs (with proof tokens). What about the former? Is it just a saml bearer token in a soap header, possiblly encrypted using the service cert for asymmetric key transport?

推荐答案

这篇关于使用cardspace作为isededtoken与使用cardspace作为发现联合idp的方法的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！