OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Question on SAML V2.0 Identity Assurance Profiles ,Version 1.0

Hi Paul, Bob, Scott

I have a question on your latest CD.

We have built a system which requires the LOA to be split into two 
components, the registration LOA and the authentication/login LOA.

I's like to know if you have envisaged your CD to be used to represent this.

So could I for example send this in the IDP's metadata


This could be used to represent authentication by a Versign Class 1 
certificate which does very little registration (level 1) but whose 
authn/login strength is much higher (say level 3).

Similarly we want to be able to send this dynamically in a SAML 
assertion. I presume it would be admissable there as well?



David W. Chadwick, BSc PhD
Professor of Information Systems Security
School of Computing, University of Kent, Canterbury, CT2 7NF
Skype Name: davidwchadwick
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick@kent.ac.uk
Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]