+xns/Authentication
Data: PersonalIdentityCredential

+xns/Core/XNSObject
   |
   +--+xns/Authentication/Credential
         |
         +--+xns/Authentication/PersonalIdentityCredential


An authentication credential created by a personal identity in an active login session for the purpose of utilizing that login session to authenticate to another identity. The identity this credential will be used for has a trust relationship with the personal identity, allowing it to be used as an authentication identity. The personal identity may be a web-based personal identity or a hardware-based identity, such as a smart card, capable of producing and signing authentication certificates.


 

Data Elements
String AuthCert Encrypted authentication certificate, Base64 encoded.
Boolean Compressed Is the authentication certificate compressed?
+xns/Core/IdentityAddress EncryptedFor Address of the identity owning the public key used to encrypt the authentication certificate.
+xns/Core/IdentityAddress PersonalIdentity Address of the personal identity the credential represents.
+xns/Core/IdentityAddress SignedBy Address of the identity who signed the contained authentication certificate.
 

Element Detail

AuthCert

Encrypted authentication certificate, Base64 encoded. This certificate was created by the +xns/Authentication/CertifySession message for the purpose of certifying a login session with the specified personal identity. The authentication certificate has been signed, possibly compressed, then encrypted using the public key of the EncryptedFor identity. If the SignedBy identity supports the certification service, it may be used to verify the authentication certificate. It may also be used to register for notification of session logout.  

DataType: String
 


Compressed

Is the authentication certificate compressed? True=the authentication certificate was compressed prior to encryption, and must be uncompressed after decryption; False=the authentication certificate is not compressed.  

DataType: Boolean
 


EncryptedFor

Address of the identity owning the public key used to encrypt the authentication certificate. This will be either the identity which the personal identity credential will be used to authenticate against or that identity's host. It will usually be encrypted for the host, thus reducing the number of public keys required to be known.  

DataType: +xns/Core/IdentityAddress
 


PersonalIdentity

Address of the personal identity the credential represents.  

DataType: +xns/Core/IdentityAddress
 


SignedBy

Address of the identity who signed the contained authentication certificate. This can be either the specified personal identity or the host of the personal identity. Most authentication certificates are signed by the host in order to reduce the number of public keys required to be known.  

DataType: +xns/Core/IdentityAddress
 


Publishing Identity: +xns
© 2002 XNSORG
Last Updated: 07/09/2002