assurance - RE: [Assurance] Assurance InterOp: Notes/AIs from 9/19
Subject: Assurance
List archive
- From: "Curry, Warren" <>
- To: "" <>
- Subject: RE: [Assurance] Assurance InterOp: Notes/AIs from 9/19
- Date: Tue, 20 Sep 2011 13:35:00 +0000
- Accept-language: en-US
Understood and I concur.
Warren
-----Original Message-----
From:
[mailto:]
On Behalf Of Cantor, Scott
Sent: Tuesday, September 20, 2011 9:03 AM
To:
Subject: Re: [Assurance] Assurance InterOp: Notes/AIs from 9/19
On 9/20/11 8:45 AM, "Curry, Warren"
<>
wrote:
>I would like to see the case of the null value handled. This is the case
>that is many individual account at UF will not attain Bronze or Silver
>certification. They run in the same IdP and could attempt to access a
>service with null value. It would be a better data solution to provide
>for a value when the assertion is null. This easily distinguishes an
>implementation or data error vs a user who has not been given an InCommon
>IAP level of Assurance.
To be clear, a literal null isn't possible in a response, there's always
an AuthnContext of some kind. The only question is what it is. Today it's
usually the PasswordProtectedTransport constant, with perhaps a few others
mixed in.
The problem comes in when an SP wants to ask for an IAQ, but allow for
anything. I found that an odd use case, but if it were necessary, the only
way to represent that is to use one of the comparison operators the IdP
doesn't support, or have an IAQ to use to represent "any" alongside Bronze
or Silver. The SP couldn't use, say, PasswordProtectedConstant, because it
wouldn't know for sure that the IdP was using that as a baseline.
-- Scott
- [Assurance] Assurance InterOp: Notes/AIs from 9/19, Ann West, 09/19/2011
- Re: [Assurance] Assurance InterOp: Notes/AIs from 9/19, Cantor, Scott, 09/19/2011
- RE: [Assurance] Assurance InterOp: Notes/AIs from 9/19, Curry, Warren, 09/20/2011
- Re: [Assurance] Assurance InterOp: Notes/AIs from 9/19, Cantor, Scott, 09/20/2011
- RE: [Assurance] Assurance InterOp: Notes/AIs from 9/19, Curry, Warren, 09/20/2011
- Re: [Assurance] Assurance InterOp: Notes/AIs from 9/19, Cantor, Scott, 09/20/2011
- RE: [Assurance] Assurance InterOp: Notes/AIs from 9/19, Curry, Warren, 09/20/2011
- Re: [Assurance] Assurance InterOp: Notes/AIs from 9/19, Jim Basney, 09/19/2011
- Re: [Assurance] Assurance InterOp: Notes/AIs from 9/19, Cantor, Scott, 09/19/2011
Archive powered by MHonArc 2.6.16.