OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [security-services] Some questions about saml assurance profile


On 3/19/14, 10:43 PM, "chenjianyonglab@163.com" <chenjianyonglab@163.com>
wrote:
>
>Here are some questions about assurance profile.
> In draft 
>(http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-assurance-prof
>ile-draft-02.html),

That is not the published version, FWIW.

>However, there is another usecase that loa is for attribute in
>authorization phase. When requests addtional attributes for
>authorization, RP expresses its expected loa for attribute(s). On
>received the request, IdP can response attribute(s) that meet the
> loa requirement or response error. Is the profile for the usecase?

No. There are no proposed schemes for talking about attribute assurance
and there is little evidence that real applications are going to be able
to handle per-attribute qualifiers of any kind, let alone for a concept as
poorly defined as assurance.

-- Scott




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]