assurance - Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches
Subject: Assurance
List archive
- From: Tom Scavo <>
- To:
- Subject: Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches
- Date: Fri, 10 Aug 2012 08:24:22 -0400 (EDT)
> The fact that Google and others have gone to the trouble of becoming
> ICAM approved is evidence that 800-63 is gaining traction as a
> standard "in the broader marketplace".
No, I don't think so. Google is simply acknowledging the fact that IdPs will
ultimately be categorized with respect to their trustworthiness. Jumping on
the ICAM bandwagon is perhaps the best way to distinguish yourself as an IdP,
at least for the moment.
Note that Google could not possibly certify as InCommon Bronze since they
don't meet the password entropy requirements. However, Google employs
risk-based authentication measures that mitigate some of the same threats
that password entropy addresses. AFAIK, there's nothing about risk-based
authentication in 800-63 but apparently ICAM thinks Google's approach
deserves LoA-1.
Tom
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, (continued)
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Roy, Nicholas S, 08/08/2012
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Jones, Mark B, 08/08/2012
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Roy, Nicholas S, 08/08/2012
- Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Michael R. Gettes, 08/08/2012
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Jones, Mark B, 08/08/2012
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Roy, Nicholas S, 08/08/2012
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Jones, Mark B, 08/08/2012
- Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Joe St Sauver, 08/08/2012
- Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Michael R. Gettes, 08/08/2012
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Jones, Mark B, 08/08/2012
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Roy, Nicholas S, 08/09/2012
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Jones, Mark B, 08/10/2012
- Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Tom Scavo, 08/10/2012
- Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Ann West, 08/10/2012
- Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Tom Scavo, 08/10/2012
- Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, William G. Thompson, Jr., 08/10/2012
- Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Cantor, Scott, 08/10/2012
- Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, William G. Thompson, Jr., 08/10/2012
- Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Cantor, Scott, 08/10/2012
- Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Ian Young, 08/10/2012
- Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Tom Scavo, 08/10/2012
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Jones, Mark B, 08/10/2012
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Roy, Nicholas S, 08/09/2012
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Jones, Mark B, 08/10/2012
- Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Cantor, Scott, 08/10/2012
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Jones, Mark B, 08/10/2012
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Jones, Mark B, 08/08/2012
- Re: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Michael R. Gettes, 08/08/2012
- RE: [Assurance] RE: [confluence] InC-Assurance > Remote-Proofing Approaches, Roy, Nicholas S, 08/08/2012
Archive powered by MHonArc 2.6.16.