OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: Re: [security-services] Some questions about saml assurance profile

On 2014-03-2022:55Cantor, Scott <cantor.2@osu.edu> wrote:
>On 3/19/14, 10:43 PM, "chenjianyonglab@163.com" <chenjianyonglab@163.com>
>>Here are some questions about assurance profile.
>> In draft
>That is not the published version, FWIW.
Yes, i know. But where can i get the latest file?

>>However, there is another usecase that loa is for attribute in
>>authorization phase. When requests addtional attributes for
>>authorization, RP expresses its expected loa for attribute(s). On
>>received the request, IdP can response attribute(s) that meet the
>> loa requirement or response error. Is the profile for the usecase?
>No. There are no proposed schemes for talking about attribute assurance
>and there is little evidence that real applications are going to be able
>to handle per-attribute qualifiers of any kind, let alone for a concept as
>poorly defined as assurance.
yeah, maybe assurance is not a good concept. But, I think the truth of attribute is required for services. For example, the truth level of attribute(s) that SP requires for a bank transaction typically is different from that for a social network. 

Juan Wei
Shenzhen University, China


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]