ad-assurance - [AD-Assurance] AAC Response: Clarification on Authentication Secrets
Subject: Meeting the InCommon Assurance profile criteria using Active Directory
List archive
- From: Ann West <>
- To: "" <>
- Cc: "" <>
- Subject: [AD-Assurance] AAC Response: Clarification on Authentication Secrets
- Date: Tue, 27 Aug 2013 16:46:36 +0000
- Accept-language: en-US
|
Dear Colleagues,
The AAC agrees with the AD group that "Authentication Secrets" in the IAP refers to secrets shared by a Subject and the Verifier that are used in Subject's authentication
to the IdP. Any other secrets, keys, etc that the Verifier verifies that are not used by Subjects to authenticate to the IdP are not in scope for 4.2.3.6.x. The set of Authentication Secrets in scope for the IAP is further restricted to just those belonging
to Subjects that are in scope for the IAP.
4.2.5 addresses the integrity of authentication of a Subject to the IdP by requiring the existence of certain types of controls that reduce the chance that someone might impersonate a Subject when authenticating to the IdP. Best regards,
Ann on behalf of the AAC
----
Ann West
Assistant Director,
InCommon Assurance and Community
Internet2 based at Michigan Tech
office: +1.906.487.1726
|
- [AD-Assurance] AAC Response: Clarification on Authentication Secrets, Ann West, 08/27/2013
- [AD-Assurance] RE: AAC Response: Clarification on Authentication Secrets, Capehart,Jeffrey D, 08/30/2013
- Re: [AD-Assurance] RE: AAC Response: Clarification on Authentication Secrets, Ann West, 08/30/2013
- [AD-Assurance] RE: AAC Response: Clarification on Authentication Secrets, Capehart,Jeffrey D, 08/30/2013
Archive powered by MHonArc 2.6.16.