[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] Authentication Methods - Proposed changes tocore-29
Proposed complete text:
Subject Confirmation Methods are defined in
the SAML Profile or Profiles in which they are used [SAMLBind]. Additional methods may be added by defining
new profiles or by private agreement. The
following identifiers refer to SAML specified Authentication methods. Where
Base64 encoding is specified the data is encoded as specified by [RFC
2045]. 1.1.1.
Password
(Pass-Through):
URI: urn:oasis:names:tc:SAML:1.0:am:password The authentication was performed by means of
a password. 1.1.2.
Kerberos URI: urn:ietf:rfc:1510 <SubjectConfirmationData>: A Kerberos Ticket Theauthentication was performed by means of the Kerberos protocol
[RFC 1510], an instantiation of the Needham-Schroeder symmetric key
authentication mechanism [Needham78]
. 1.1.3.
SSL/TLS Certificate Based Client
Authentication:
URI:
urn:ietf:rfc:2246 The authentication was performed using either
the SSL or TLS protocol with certificate based client authentication. TLS is
described in [RFC
2246]. 1.1.4.
X.509 Public Key
URI:
urn:oasis:names:tc:SAML:1.0:am:X509-PKI
The
authentication was performed by some (unspecified) mechanism on a key
authenticated by means of an X.509 PKI. It may have been one of the mechanisms
for which a more specific identifier has been defined
below. 1.1.5.
PGP Public Key
URI:
urn:oasis:names:tc:SAML:1.0:am:PGP
The
authentication was performed by some (unspecified) mechanism on a key
authenticated by means of a PGP web of trust. It may have been one of the
mechanisms for which a more specific identifier has been defined
below. 1.1.6.
SPKI Public Key
URI:
urn:oasis:names:tc:SAML:1.0:am:SPKI
The
authentication was performed by some (unspecified) mechanism on a key
authenticated by means of a SPKI PKI. It may have been one of the mechanisms for
which a more specific identifier has been defined
below. 1.1.7.
XKMS Public Key
URI:
urn:oasis:names:tc:SAML:1.0:am:XKMS
The
authentication was performed by some (unspecified) mechanism on a key
authenticated by means of a XKMS trust service. It may have been one of the
mechanisms for which a more specific identifier has been defined
below. 1.1.8.
XML Digital Signature
URI:
urn:ietf:rfc:3075
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC