[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Some questions about saml assurance profile
On 3/19/14, 10:43 PM, "chenjianyonglab@163.com" <chenjianyonglab@163.com> wrote: > >Here are some questions about assurance profile. > In draft >(http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-assurance-prof >ile-draft-02.html), That is not the published version, FWIW. >However, there is another usecase that loa is for attribute in >authorization phase. When requests addtional attributes for >authorization, RP expresses its expected loa for attribute(s). On >received the request, IdP can response attribute(s) that meet the > loa requirement or response error. Is the profile for the usecase? No. There are no proposed schemes for talking about attribute assurance and there is little evidence that real applications are going to be able to handle per-attribute qualifiers of any kind, let alone for a concept as poorly defined as assurance. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]