OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: FYI: "An IANA Registry for SAML 2.0 Level of Assurance ContextClasses"

Just spotted, possibly of interest to the SAML TC members, as
germane to the CS spec:

"An IANA Registry for SAML 2.0 Level of Assurance Context Classes" [1]

This document establishes an IANA registry for Level of Assurance
Context Classes for SAML 2.0. The registry is intended to be used
as an aid to discovering such LoA definitions.

Introduction

This document establishes an IANA registry for Level of Assurance
Context Profiles for SAML 2.0. Such objects are XML schema
definitions that fulfil the requirements of
sstc-saml-loa-authncontext-profile-draft-01
[OASIS.sstc.saml-loa-authncontext-profile-draft-01]. Quoting from
this specification we find the following definition of the concept
of level of assurance:

   'Many existing (and potential) SAML federation deployments
   have adopted a "levels of assurance" (or LOA) model for
   categorizing the wide variety of authentication methods into
   a small number of levels, typically based on some notion of
   the strength of the authentication. Federation members
   (service providers or "relying parties") then decide which
   level of assurance is required to access specific protected
   resources, based on some assessment of "value" or "risk".'

Several so called trust frameworks and identity federations now
exist, some of which define one or more LoAs. The purpose of
this specification is to create an IANA registry where such LoA
definitions can be discovered.


[rcc, refs:

http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-assurance-profile-cs-01.html
http://www.oasis-open.org/committees/download.php/28706/sstc-saml-loa-authncontext-profile-draft-01.pdf
http://wiki.oasis-open.org/security/SAML2LOAAuthnCtxProfile
http://groups.google.com/group/simplesamlphp/browse_thread/thread/14d9491d7711e738?pli=1 
]

- rcc

[1] refs
From: http://www.ietf.org/internet-drafts/draft-johansson-loa-registry-00.txt
Title: An IANA Registry for SAML 2.0 Level of Assurance Context Classes
Reference: IETF Internet Draft, draft-johansson-loa-registry-00
Date: April 2, 2011
Data Tracker: https://datatracker.ietf.org/doc/draft-johansson-loa-registry/
Tracker Listing: http://ietfreport.isoc.org/idref/draft-johansson-loa-registry/
Tools: http://tools.ietf.org/html/draft-johansson-loa-registry-00 (HTML)
Announced: http://www.ietf.org/mail-archive/web/i-d-announce/current/msg37113.html

-- 

Robin Cover
Interim TC Administrator
OASIS, Director of Information Services
Editor, Cover Pages and XML Daily Newslink
Email: robin@oasis-open.org
Staff bio: http://www.oasis-open.org/who/staff.php#cover
Cover Pages: http://xml.coverpages.org/
Newsletter: http://xml.coverpages.org/newsletterArchive.html
Tel: +1 972-296-1783

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]