>>On 3/19/14, 10:43 PM, "chenjianyonglab@163.com" <chenjianyonglab@163.com>
>wrote:
>
>>Here are some questions about assurance profile.
>> In draft
>>(http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-assurance-prof
>>ile-draft-02.html),
>That is not the published version, FWIW.
Yes, i know. But where can i get the latest file?
>>However, there is another usecase that loa is for attribute in
>>authorization phase. When requests addtional attributes for
>>authorization, RP expresses its expected loa for attribute(s). On
>>received the request, IdP can response attribute(s) that meet the
>> loa requirement or response error. Is the profile for the usecase?
>No. There are no proposed schemes for talking about attribute assurance
>and there is little evidence that real applications are going to be able
>to handle per-attribute qualifiers of any kind, let alone for a concept as
>poorly defined as assurance.
yeah, maybe assurance is not a good concept. But, I think the truth of attribute is required for services. For example, the truth level of attribute(s) that SP requires for a bank transaction typically is different from that for a social network.