Final: OpenID Provider Authentication Policy Extension 1.0 : Definition (my own translation)

 

1.  Definitions





1.1.  Requirements Notation

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119] (Bradner, B., “Key words for use in RFCs to Indicate Requirement Levels,” 1997.).





1.2.  Conventions

Throughout this document, values are quoted to indicate that they are to be taken literally. When using these values in protocol messages, the quotes MUST NOT be used as part of the value.

All OpenID 2.0 messages that contain a Provider Authentication Policy Extension (PAPE) element MUST contain the following extension namespace declaration, as specified in the Extensions section of [OpenIDAuthentication2.0] (specs@openid.net, “OpenID Authentication 2.0,” 2007.). (OpenID 2.0 messages that contain a PAPE extension element must include the following extension namespace.)

openid.ns.<alias>=http://specs.openid.net/extensions/pape/1.0

The actual extension namespace alias should be determined on a per-message basis by the party composing the messages, in such a manner as to avoid conflicts between multiple extensions. For the purposes of this document and when constructing OpenID 1.1 messages, the extension namespace alias SHALL be "pape". (The namespace alias may be changed for each message, but "pape" is preferred.)

Additionally, this specification uses name spaces for the custom authentication level identification. It is in the form of (In addition, the following namespace can be used for custom authentication level identifiers.)

openid.pape.auth_level.ns.<cust>=http://some.authlevel.uri

The actual extension namespace alias should be determined on a per-message basis by the party composing the messages, in such a manner as to avoid conflicts between multiple extensions. For the purposes of this document and when constructing OpenID 1.1 messages, the one custom authentication level identification extension namespace defined by this specification is "nist". Others may also be defined and used by implementations, for example, "jisa". (The actual extension namespace alias may be decided per message. In this document it is "nist" or "jisa".)
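Because the alias is chosen per message, a Relying Party has to find PAPE by its namespace URI rather than by the name "pape". The following is an added example, not part of the specification or of the original post: the function name `resolve_pape`, the sample message, and the choices to reject duplicate keys and to treat any message without the OpenID 2.0 `openid.ns` value as OpenID 1.1 are assumptions of this sketch.

```python
from urllib.parse import parse_qsl, urlencode

OPENID2_NS = "http://specs.openid.net/auth/2.0"
PAPE_NS = "http://specs.openid.net/extensions/pape/1.0"

def resolve_pape(query):
    """Return (pape_alias, {level_alias: level_ns_uri}); (None, {}) if no PAPE."""
    msg = {}
    for key, value in parse_qsl(query, keep_blank_values=True):
        if key in msg:  # a repeated key makes the message ambiguous
            raise ValueError("duplicate parameter: " + key)
        msg[key] = value
    if msg.get("openid.ns") == OPENID2_NS:
        # OpenID 2.0: locate the alias by namespace URI, never by its name.
        found = [k[len("openid.ns."):] for k, v in msg.items()
                 if k.startswith("openid.ns.") and v == PAPE_NS]
        if len(found) > 1:  # conservative choice: refuse an ambiguous binding
            raise ValueError("PAPE namespace bound to several aliases")
        alias = found[0] if found else None
    else:
        # OpenID 1.1 has no namespace declarations; the alias is fixed.
        alias = "pape" if any(k.startswith("openid.pape.") for k in msg) else None
    if alias is None:
        return None, {}
    # Custom authentication level namespaces live under the resolved alias.
    prefix = "openid.%s.auth_level.ns." % alias
    levels = {k[len(prefix):]: v for k, v in msg.items() if k.startswith(prefix)}
    return alias, levels

# Constructed sample: PAPE is declared as "x1", while the alias "pape"
# is bound to an unrelated (made-up) extension in the same message.
SAMPLE = urlencode({
    "openid.ns": OPENID2_NS,
    "openid.ns.pape": "http://example.org/unrelated-extension",
    "openid.ns.x1": PAPE_NS,
    "openid.x1.auth_level.ns.nist": "http://some.authlevel.uri",
    "openid.pape.auth_level.ns.nist": "http://example.org/not-pape",
})

if __name__ == "__main__":
    print(resolve_pape(SAMPLE))
```

A parser that hardcodes the `openid.pape.` prefix would read the unrelated extension's keys in this sample as PAPE data.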



1.3.  Terminology

The following terms are defined in [OpenIDAuthentication2.0] (specs@openid.net, “OpenID Authentication 2.0,” 2007.):

  • Identifier
  • OpenID Provider (OP)
  • Relying Party (RP)
  • User-Agent

Authentication Method:

An Authentication Method is a single mechanism by which the End User authenticated to their OpenID Provider, for example, a password or a hardware credential. (The means by which the End User is authenticated to the OP, such as a password or a hardware credential.)

Authentication Policy:

An Authentication Policy is a plain-text description of requirements that dictate which Authentication Methods can be used by an End User when authenticating to their OpenID Provider. An Authentication Policy is defined by a URI which must be previously agreed upon by one or more OPs and RPs. (A text document; the Authentication Methods used when the OP authenticates the End User follow the policy it describes.)

Final: OpenID Provider Authentication Policy Extension 1.0
