[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Authentication Method
As Tim and I complete the Kerberos Solution profiles doc - ready for the 16th - we have come across an issue we would like to raise - in order to get some feedback. Kerberos currently - as far as the authentication method is concerned - is identified by: URI: urn:ietf:rfc:1510. However as a number of you may be aware Kerberos supports a number of authentication techniques, including PKI/X.509, username/pw, and hardware tokens. We believe this should be identified in the assertion. Hence we would like to have a set of AuthenticationMethods defined. For instance: URI: urn:ietf:rfc:1510 and URI: urn:oasis:names:tc:SAML:1.0:am:password This requirement is not unique to Kerberos - but to any multi-factor authentication system Currently the schema permits only a single AuthenticationMethod attribute Thoughts? John
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]