[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Question on SAML V2.0 Identity Assurance Profiles ,Version 1.0
Hi Paul, Bob, Scott I have a question on your latest CD. We have built a system which requires the LOA to be split into two components, the registration LOA and the authentication/login LOA. I's like to know if you have envisaged your CD to be used to represent this. So could I for example send this in the IDP's metadata <saml:AttributeValue> http://foo.example.com/assurance/regloa1 http://foo.example.com/assurnace/loginloa3 </saml:AttributeValue> This could be used to represent authentication by a Versign Class 1 certificate which does very little registration (level 1) but whose authn/login strength is much higher (say level 3). Similarly we want to be able to send this dynamically in a SAML assertion. I presume it would be admissable there as well? regards David ***************************************************************** David W. Chadwick, BSc PhD Professor of Information Systems Security School of Computing, University of Kent, Canterbury, CT2 7NF Skype Name: davidwchadwick Tel: +44 1227 82 3221 Fax +44 1227 762 811 Mobile: +44 77 96 44 7184 Email: D.W.Chadwick@kent.ac.uk Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html Entrust key validation string: MLJ9-DU5T-HV8J PGP Key ID is 0xBC238DE5 *****************************************************************
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]