assurance - Re: [Assurance] stored authentication secrets
Subject: Assurance
List archive
- From: Tom Scavo <>
- To:
- Subject: Re: [Assurance] stored authentication secrets
- Date: Fri, 29 Jun 2012 09:07:45 -0400 (EDT)
> In moving from version 1.1 to 1.2 of the Identity Assurance Profiles,
> section 4.2.3.4 (Stored Authentication Secrets) was deemphasized,
> that is, the requirements of that section now only apply to Silver.
> I'm wondering why this was done?
Oops, I missed the reference to stored passwords in the new section 4.2.3.5:
"Authentication Secrets shall not be stored as plaintext."
Thanks,
Tom
- [Assurance] stored authentication secrets, Tom Scavo, 06/28/2012
- Re: [Assurance] stored authentication secrets, Tom Scavo, 06/29/2012
- Re: [Assurance] stored authentication secrets, Ann West, 06/29/2012
- Re: [Assurance] stored authentication secrets, Tom Scavo, 06/29/2012
Archive powered by MHonArc 2.6.16.