If you have a single web server that uses html pages, like most bloggers do, the easiest way to take advantage of infocard identities is to get the Identity Selector to post tokens directly to your web server. Normally, you might get the contents of a form in the post. When using InfoCards you get a “token”. Various types of token are possible, but SAML tokens are most common. The built-in self-asserted identity provider uses the SAML format.
<enc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:enc="http://www.w3.org/2001/04/xmlenc#"> <enc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" /> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <e:EncryptedKey xmlns:e="http://www.w3.org/2001/04/xmlenc#"> <e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> </e:EncryptionMethod> <KeyInfo> <o:SecurityTokenReference xmlns:o="http://docs.oasis-open.org/wss/2004/01/ oasis-200401-wss-wssecurity-secext-1.0.xsd"> <o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/ oasis-wss-soap-message-security-1.1#ThumbprintSHA1" EncodingType="http://docs.oasis-open.org/wss/2004/01/ oasis-200401-wss-soap-message-security-1.0#Base64Binary"> +PYbznDaB/dlhjIfqCQ458E72wA= </o:KeyIdentifier> </o:SecurityTokenReference> </KeyInfo> <e:CipherData> <e:CipherValue> 1dYJm11Qw2UDKuS7OsjY23k+vX4l5nHkKUC71ev7 jtDUC0dFn1mcWunmGV272bpXGHeyWIviv2Salkxj XErXBwO3hq9/dNyDfY7VvLRi5rOvn1Szgb71d0Xg rKCvnUljhy9bSssSxtYgr4YOTkUV894z0yXS9omK S0XNtm/dzr4= </e:CipherValue> </e:CipherData> </e:EncryptedKey> </KeyInfo> <enc:CipherData> <enc:CipherValue> 77Ybo3C32JckPMD+lxm9t7KKxfQjMT8ojczrDs0i HsxJ3Q6i3B04RAGrOivLfqMYzYP4lZXsM2lF8cUs aVOTY9KqsJjpOBwyk37n9tw7pV6E3SXkHtXx92xl 5AqmjPeBdDI/syrIjgE1bpbn5sX5PpNoOmAbYSV2 dQRBnImKJBAfKQFFmMk0mcUb/Bv11w9aCAgimPy7 UfwqQPhkPp0DbCoINFZsmbgppelTHTh6Bnpe/it9 OPDqBeUaILVBA7vMVvgDA0vmklb9g3mEzo1va5GG 4GP/u0xuCG7x9glozdDVtsBsohJiGj0UnFS2QI0o ZbfbMS9rtWCiHRbp0TIhcykn70PUooVJrU/HcKDh baKnoC3dd0Y73gqTogwvruYZ3Fg9mqhlYMSoLmsR sz+W8a935WQM1OAcNz6VEjxaKn7QDRZn/OfQhW1r XsWh+oazVKHdxpa9vvj6UeV3w8DaJsmZDO5SRTep LjZzfMENc52XG8CJfDrVHEuPmals92NoTN+BwIc6 R4WpHPxr+P7GPfpb24apOfgBmfN/snq+Jy37PLjV 4yivz9NmP6EKEpDI7u7b+evytYRmQrh04T/aL6gi NHzgfHo7PxiNU6hvCKNQ0vtKgMp1R6QjkMV93FvS 1I6eknbHLjbUJaJuuGI3eH83RN/Gx7bsuDvfTvDL WiTTsG2zD5UPWeEjx+ROCkhLpb8Ojm8h6fI3s+Qv qUuzAbzH8cHiyfWGAt8HPe1BwKWcU25XbVfQTOnG jP2+NXt2AUtDYimUjydSlyMzk0Bi3GPr19aav2UV N1gr2ldVotma4lpNonhLjk+liHTrrO7P51/vkc4k P7koLTLBmmNooOQrJ1w70MelRjZnFbCdoadyzH8j z/vR/zzvO62z4ycFyn/S9OxqFqrufKpyijnopVS3 bf4JGazumScIutKfUUpWOtRELXnCpv4S9JB4FIkr Kqqgi/3rh06QMByWK6DU7cf94dI3jIzx336A1a/r . . . Wvl2o5ABIqvToMV1bp16Ns1ImSgxuB074kmAvAUx b/LXPXq1Gwcz2YtyaHMYSUvzzzYRuDH9qu0R6748 B/C1if4MeXHUqMPYaEQ+dhuzoVUMuy7/kQVP5ckb B0asMSqIiJp5B4vecBe/aGQo9AYNEwPv4xAB5cvr PBEG4TCFtSVyJkn2LcdwNzqmNqIewGMxawwUPgxe D2w== </enc:CipherValue> </enc:CipherData> </enc:EncryptedData>