Home
Releases
Issue Tracker
Source Code
Stats
People
License
 
1-10 of 35 < Previous Next >
1 vote
closed

Logging strategy

Reminder to investigate the logging strategy for information card ruby.

id# 1013 | Planned Release: None | Last Updated: Jun 25 2007 at 6:48 PM  by joepoon
1 vote
closed

Auto-populate user fields on registration with information card

As a user, it'd be nice if the fields (ex. username, email address) would populate from the claims in the information card (if present).

id# 1012 | Planned Release: information_card_authentication 0.1.0 | Last Updated: Jun 25 2007 at 6:48 PM  by joepoon
1 vote
closed

Performance Review

This is a reminder to review the performance - epescially when it comes to parsing & examing the encrypted and SAML tokens.

id# 471 | Planned Release: None | Last Updated: Jun 25 2007 at 6:48 PM  by joepoon
1 vote
closed

Security Review / Threat Model

Examine the security vulnerabilities to exercise due diligence when providing a plugin/library that performs user authentication for sites.

id# 470 | Planned Release: None | Last Updated: Jun 25 2007 at 6:48 PM  by joepoon
1 vote
closed

Validate SAML Schema

Should the SAML document be validated against a schema? Also, the schema does not allow "colons" in the AssertionID, yet the SAML tokens generated have "colons."

id# 469 | Planned Release: None | Last Updated: Jun 25 2007 at 6:48 PM  by joepoon
1 vote
closed

Support encryption algorithms

As a developer, I would like to support both http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p and http://www.w3.org/2001/04/xmlenc#rsa-1_5 algorithms for decrypting the incoming information card token.

id# 458 | Planned Release: None | Last Updated: Jun 25 2007 at 6:48 PM  by joepoon
1 vote
closed

Support x509 certificates in SAML KeyInfo

As a developer, I would like the library to support scenarios where the public key of the identity provider uses x509 certificates.

id# 457 | Planned Release: None | Last Updated: Jun 25 2007 at 6:47 PM  by joepoon
1 vote
closed

Protect against replay attacks

As a developer, I would like the library to protect the end user from replay attacks (ensure that the assertion id has not been used within the same window before).

id# 456 | Planned Release: None | Last Updated: Jun 25 2007 at 6:47 PM  by joepoon
1 vote
closed

Detect for information card enabled browser

s a developer, I would like a mechanism for detecting if the user is using an information card enabled browser. Script code can detect browser support for Information Cards within Internet Explore...

id# 453 | Planned Release: None | Last Updated: Jun 25 2007 at 6:47 PM  by joepoon
1 vote
closed

Specify policy via XHTML Syntax

As a developer, I would like the option of specifying the security policy via XHTML syntax (as opposed to OBJECT tags) to handle the scenarios where OBJECT tags are not supported.

id# 452 | Planned Release: None | Last Updated: Jun 25 2007 at 6:47 PM  by joepoon

Configure View

Search
Sort by Id
Release
Title
Updated
Votes
1-10 of 35 < Previous 1 2 3 4 Next >
Show  10  25  50  All items
© 2006-2008 Microsoft | Privacy Statement | Terms of Use | Code of Conduct | CodePlex Blog | Version 2008.8.12.13328
Updating...