Jun 21, 2008 at 7:33 AM
OK now I have some time (*grin*) I'm approaching this again.
As I see it I/we need the following basic operations
Claim population is outside the STS scope and will be down to your implementation of your web site.
- get new card identifier for user/authentication method
- attach card identifier to user/authentication method (these first two are obviously linked; but to my mind need to be separated)
- revoke card identifier
- revoke all cards for user
In addition there will be the following events (and I'm still not sure of the best way to do this; an autoevent wireup would be lovely, but probably overkill and needs some hokey reflection)
Does anyone think we need anything else?