Skip to Content.
Sympa Menu

ad-assurance - [AD-Assurance] MCB and AD Silver Cookbook

Subject: Meeting the InCommon Assurance profile criteria using Active Directory

List archive

[AD-Assurance] MCB and AD Silver Cookbook


Chronological Thread 
  • From: Eric Goodman <>
  • To: "" <>
  • Subject: [AD-Assurance] MCB and AD Silver Cookbook
  • Date: Thu, 14 Nov 2013 22:01:22 +0000
  • Accept-language: en-US

Hi all,

 

Just a thought…

 

If a campus were using the MCB, would that mean that they could enforce that Silver assertions are only generated from username/password based login events? Then they could use other authentication forms (Kerberos or NTLM via ADFS, SPNEGO, GSSAPI) when NOT asserting Silver but still be compliant with our interpretation and “needle threading”?

 

A possibly less-queasy-making option that popped into my head last night when I was processing/recapping what I’d picked up in the various ACAMP sessions.

 

--- Eric




Archive powered by MHonArc 2.6.16.

Top of Page