[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Re: [iaeg] FYI:SP 800-63 Rev. 1
this line would appear to mandate use of SAML Authn Context (or an
equivalent attribute-based mechanism) "All assertions recognized within this guideline must indicate the assurance level of the initial authentication of the Subscriber." paul ' =JeffH ' wrote: below's the full blurb on the NIST drafts page <http://csrc.nist.gov/publications/PubsDrafts.html>.. =JeffH ------ Dec. 12, 2008 SP 800-63 Rev. 1 DRAFT Electronic Authentication Guideline Draft SP 800-63 Revision 1: E-Authentication Guideline is available for a second public comment period. It supplements OMB guidance, by providing technical guidelines for the design of electronic systems for the remote authentication of citizens by government agencies. The revision represents an expansion and reorganization of the original document, broadening the discussion of technologies available to agencies, and giving a more detailed discussion of assertion technologies. Changes intended to clarify the pre-existing requirements are also included in the revision. The bulk of the changes since the previously posted draft of SP 800-63-1 concern assertion technologies and Kerberos. Comments will be accepted until January 30, 2009. Comments should be forwarded via email to eauth-comments@nist.gov. http://csrc.nist.gov/publications/drafts/800-63-rev1/SP800-63-Rev1_Dec2008.pdf --- end --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]