Subject: RE: [security-services] NIST prohibits use of SAML assertions at LOA 4


> The current version doesn't explicitly forbid assertions.  800-63 v1.02
> says "Level 4 authentication is based on proof of possession of a key
> through a cryptographic protocol" and I would consider SAML protocols to
> satisfy that.

In the abstract yes, but the original SSO profile? Absolutely not.

I don't have any problem with Conor's point; I think the original text
you're quoting is the right approach. It's not a SAML issue, it's a
statement about the requirements of whatever the underlying technology is.
 
> I'm not sure why the browser is part of the equation.  The assertions are
> signed and can be encrypted for the use of the RP only.

Yes, but they can be stolen in transit or in the client and used by the
attacker. You can argue about the threat, but that's the threat they're
talking about.

> If you utilize all the protective measures in SAML, I don't see how using
> PKI between the Client and the RP is any different from PKI between Client
> and IDP, and then using that same PKI tech to provide a provable reference
> back to that authentication.

Are you talking about a holder of key profile, or the original profile? Only
the HoK proposal uses those measures or provides a "provable reference".
Standard SSO is bearer, as you know. No binding of the channel to the
assertion.

> I guess my point is that if you believe that PKI is valid and practically
> unassailable, then you should also believe that about PKI-based signing
> and delivery of credential materials.

Maybe I misunderstood your point, but generally when people talk about SAML
SSO, they aren't talking about PKI-based delivery. Maybe you were assuming
that, but for me that isn't really realistic because the UI for client
certificates just doesn't work.

-- Scott
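The bearer-versus-holder-of-key distinction Scott draws above, as an added example that is not part of this thread or of any SAML implementation: a relying party's check of the assertion's SubjectConfirmation. With the bearer method the RP has nothing to tie the assertion to the presenter, so a stolen copy is accepted; with the holder-of-key method (SAML 2.0 HoK profile) the RP compares the TLS client certificate it saw on the channel against the X509Certificate the IdP placed in the SubjectConfirmationData KeyInfo. The certificates and assertions are constructed stand-ins, and signature, audience and validity-window checks are assumed to have already passed.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"
HOK = "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"
CERT_PATH = "saml:SubjectConfirmationData/ds:KeyInfo/ds:X509Data/ds:X509Certificate"

def check_confirmation(assertion_xml, tls_client_cert_der=None):
    """RP decision on the assertion's SubjectConfirmation. Signature, audience
    and validity-window checks are assumed done; this decides only whether the
    party presenting the assertion is tied to it."""
    sc = ET.fromstring(assertion_xml).find("saml:Subject/saml:SubjectConfirmation", NS)
    method = sc.get("Method") if sc is not None else None
    if method == BEARER:
        # Bearer: whoever delivers the assertion is accepted. Nothing ties it to
        # the TLS channel, so a copy taken in transit or from the client replays.
        return "accept-bearer-unbound"
    if method == HOK:
        if tls_client_cert_der is None:
            return "reject-hok-no-client-cert"
        # HoK: the presenter's TLS client cert must be one the IdP put in KeyInfo.
        wanted = {hashlib.sha256(base64.b64decode("".join(c.text.split()))).digest()
                  for c in sc.findall(CERT_PATH, NS)}
        if hashlib.sha256(tls_client_cert_der).digest() in wanted:
            return "accept-hok-bound"
        return "reject-hok-key-mismatch"
    return "reject-unknown-method"

# Constructed sample data (not real certificates or IdP output).
CLIENT_DER = b"constructed DER of the client's TLS certificate"
OTHER_DER = b"constructed DER of some other party's certificate"

def build_assertion(method, cert_der=None):
    key_info = ""
    if cert_der is not None:
        b64 = base64.b64encode(cert_der).decode()
        key_info = ("<saml:SubjectConfirmationData><ds:KeyInfo><ds:X509Data>"
                    f"<ds:X509Certificate>{b64}</ds:X509Certificate>"
                    "</ds:X509Data></ds:KeyInfo></saml:SubjectConfirmationData>")
    return (f'<saml:Assertion xmlns:saml="{NS["saml"]}" xmlns:ds="{NS["ds"]}">'
            "<saml:Subject><saml:NameID>alice</saml:NameID>"
            f'<saml:SubjectConfirmation Method="{method}">{key_info}'
            "</saml:SubjectConfirmation></saml:Subject></saml:Assertion>")

BEARER_ASSERTION = build_assertion(BEARER)
HOK_ASSERTION = build_assertion(HOK, CLIENT_DER)
```

Running `check_confirmation(BEARER_ASSERTION, OTHER_DER)` accepts regardless of who holds the channel, while `check_confirmation(HOK_ASSERTION, OTHER_DER)` is rejected for a key mismatch.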
