Skip to Content.
Sympa Menu

ad-assurance - RE: [AD-Assurance] Draft scope statement

Subject: Meeting the InCommon Assurance profile criteria using Active Directory

List archive

RE: [AD-Assurance] Draft scope statement

Chronological Thread 
  • From: "Michael W. Brogan" <>
  • To: "" <>
  • Subject: RE: [AD-Assurance] Draft scope statement
  • Date: Sat, 9 Mar 2013 00:10:59 +0000
  • Accept-language: en-US
  • Authentication-results:; dkim=neutral (message not signed) header.i=none

Looks like I misinterpreted the Cookbook on that one. Although is covered, the Cookbook doesn’t state that the requirement applies to AD-DS. I think I can remove my comment about from the Scope section.


I think I should add as it adds “protected channel” to the transmission requirements listed previously, some of which don’t specifically call for a protected channel.




From: [mailto:] On Behalf Of David Walker
Sent: Friday, March 08, 2013 3:51 PM
Subject: Re: [AD-Assurance] Draft scope statement


Looks good, Michael.

Regarding, I agree with the AD Cookbook's assessment that it's not relevant to IdP <=> Verifier communication.  The relevant section would be (S) Network Security, which says, "1. Appropriate measures shall be used to protect the confidentiality and integrity of network communications supporting IdMS operations.  Protected Channels should be used for communications between systems."


On Fri, 2013-03-08 at 22:31 +0000, Michael W. Brogan wrote:

I’ve posted a draft scope statement on the wiki:


The material Mark previously added to the page regarding mapping of AD products to the IdMS functional model is a different sort of thing from the scope of our effort,  but it’s valuable background. For now I just gave it a new subheading and kept the content on the Charter/Scope page, but it might work better as a separate reference page.




Archive powered by MHonArc 2.6.16.

Top of Page