Assurance

[Eric Goodman <>]

This is a University of California specific assurance level we call of "UCTrustBasic". It was defined prior to InCommon Silver, but is effectively the same set of requirements and UC will be retiring the "UCTrustBasic" in favor of InCommon Silver as we all align better with the InCommon IAPs.

There are a handful of multi-campus UC-based applications where we require the assertion to grant access. So yes, this is an app where the requirement is that we assert the assurance. 

That said, technically the assurance is just implemented as an attribute transmitted along with other SAML attributes; I'm not sure if that's the same thing as the AuthRequest/AuthnContext model, but I suspect it's not.

--- Eric

On Tue, Jan 24, 2012 at 3:52 PM, RL 'Bob' Morgan <> wrote:

I suppose the other thing to point out here is that I expect that there isn't really any experience with testing/monitoring in an assurance-is-required scenario because there are, at this point, hardly any real-life assurance-is-required scenarios.  I'm amazed that you have a vendor SP that is requiring something-like-Silver.  Are they actually supporting/requiring the use of the standardized AuthRequest/AuthnContext means of expressing assurance?

 - RL "Bob"