Difference between revisions of "Credential"
From MgmtWiki
(→Solutions) |
(→Context) |
||
| Line 4: | Line 4: | ||
==Context== | ==Context== | ||
*The original digital [[Credential]] was just a shared secret, usually called a [[Password]]. | *The original digital [[Credential]] was just a shared secret, usually called a [[Password]]. | ||
| − | *More secure [[Credential]]s keep private keys which are used to build an [[Identity Token]] which can include anti-replay elements, that is sent to a requester. | + | *More secure [[Credential]]s keep private keys which are used to build an [[Identity Token]] which can include anti-replay elements, that (with [[User Consent]]) is sent to a requester. |
| + | |||
==Solutions== | ==Solutions== | ||
*A [[Certificate]] binds a credential to an [[Identifier]] of its owner as well as (potentially) other [[Attribute]]s. | *A [[Certificate]] binds a credential to an [[Identifier]] of its owner as well as (potentially) other [[Attribute]]s. | ||
Revision as of 20:58, 2 August 2018
Full Title or Meme
A Credential in the digital realm is a structure which contains, at a minimum, a secret value.
Context
- The original digital Credential was just a shared secret, usually called a Password.
- More secure Credentials keep private keys which are used to build an Identity Token which can include anti-replay elements, that (with User Consent) is sent to a requester.
Solutions
- A Certificate binds a credential to an Identifier of its owner as well as (potentially) other Attributes.
- Typically there is also a binding to some sort of real-world credential, usually a piece of paper with a seal.
