Subject: Re: [trust-el] Questions for Trust Elevation draft reviewers
For those of you reviewing the Trust Elevation draft, here are some questions that might help generate comments. The questions assume that you have a reference protocol that you are comparing Trust Elevation to.
- Section 4.2 diagram - what would this diagram look like when represented in the protocol that you are comparing to?
- Does your protocol have the ability to retry authentication if the current authentication level is not sufficient?
- 1: does the protocol need to be extended in order to be able to express it at all?
- 2: do normal implementations have an ‘orchestration’ facility that can go back for more information, attributes or authentication events?
- Can you write an example policy for the use cases that handle the Step Up or Missing Attributes situations?
- How does your protocol handle composite subjects (meaning Person, Device and Software Client)?