ad-assurance - [AD-Assurance] To Do Item - Endorsement language..
Subject: Meeting the InCommon Assurance profile criteria using Active Directory
List archive
- From: "Rank, Mark" <>
- To: "" <>
- Subject: [AD-Assurance] To Do Item - Endorsement language..
- Date: Mon, 20 May 2013 16:41:53 +0000
- Accept-language: en-US
- Authentication-results: sfpop-ironport04.merit.edu; dkim=neutral (message not signed) header.i=none
Folks...
Here is a stab at an endorsement for the first alternate means ... It got
wordy, but that is because I started out looking at an amicus brief for ideas
on structure :). Feel free to suggest ruthless edits...
Please advise,
Mark
-------------------------- begin draft -----------------------------
Title:
Endorsement by the AD Assurance Working Group in support of "Alternative
Means for Satisfying Requirements 4.2.5.1, 4.2.5.2, and 4.2.8.2.1 in Active
Directory Domain Services Environments" submitted by the University of
Chicago.
Introduction:
This alternate means proposal involves a process by which credentials exposed
to possible compromise through the use of unsigned, i.e. unencrypted, BINDs
or the use of NTLMv1 are identified and become ineligible for Silver
assertions within 72 hours of such use.
Endorsement:
In collaboration with representatives of the University of Chicago, the AD
Assurance Working Group has reviewed the alternate means proposal. The
working group found the proposal compatible with Identity Assurance Profile
1.2 and what the working group understands to be general accepted community
practice. The working group wishes to endorse the proposal as one that would
be both a practical solution and a benefit for the InCommon Assurance Program.
Interested Parties:
The AD Assurance Working Group is an ad-hoc working group of InCommon
Federation representatives working on technical issues associated with
compliance of Active Directory Domain Services and the InCommon Assurance
Framework Profiles. The following working group members were involved with
the review of the proposal and the final endorsement:
Working Group Members
<Name>, <Institution>
Mark Rank, UCSF
-------------------------- end draft -----------------------------
--------------------------------------------------
Mark Rank
Project Manager - Identity & Access Mgt
UCSF Information Technology Services (ITS)
email:
phn:414-331-1476
--------------------------------------------------
- [AD-Assurance] To Do Item - Endorsement language.., Rank, Mark, 05/20/2013
- Re: [AD-Assurance] To Do Item - Endorsement language.., David Walker, 05/20/2013
- RE: [AD-Assurance] To Do Item - Endorsement language.., Rank, Mark, 05/20/2013
- Re: [AD-Assurance] To Do Item - Endorsement language.., David Walker, 05/20/2013
- RE: [AD-Assurance] To Do Item - Endorsement language.., Rank, Mark, 05/24/2013
- RE: [AD-Assurance] To Do Item - Endorsement language.., Rank, Mark, 05/24/2013
- RE: [AD-Assurance] To Do Item - Endorsement language.., Rank, Mark, 05/24/2013
- Re: [AD-Assurance] To Do Item - Endorsement language.., David Walker, 05/20/2013
- RE: [AD-Assurance] To Do Item - Endorsement language.., Rank, Mark, 05/20/2013
- Re: [AD-Assurance] To Do Item - Endorsement language.., David Walker, 05/20/2013
Archive powered by MHonArc 2.6.16.