assurance - Re: [Assurance] dept's leveraging central authentication systems ....
Subject: Assurance
List archive
- From: Ann West <>
- To:
- Subject: Re: [Assurance] dept's leveraging central authentication systems ....
- Date: Mon, 20 Aug 2012 11:25:51 -0400 (EDT)
Scott,
Can you explain what "a policy against such apps" means? Do you mean "a
policy against non-silver-compliant apps using silver credentials"?
Ann
> >If you have services using your silver credential, they should
> >conform to
> >the Silver spec so the credential is not compromised. Look at the
> >trust
> >model diagram on page 4 of the IAAF and you'll see non-IdP Apps
> >within
> >the scope (shaded area) of the IAP implementation for that reason.
> >
> >I think this is one reason why many schools are layering on
> >two-factor
> >and using that for Silver-only apps, but I'm sure others can comment
> >further.
>
> One of the conversations I recall not seeing a conclusion on was
> whether
> having a policy against such apps was sufficient or whether you had
> to
> have actual technical controls in place to prevent it.
- [Assurance] dept's leveraging central authentication systems ...., Steven Carmody, 08/16/2012
- Re: [Assurance] dept's leveraging central authentication systems ...., Ann West, 08/20/2012
- Re: [Assurance] dept's leveraging central authentication systems ...., Cantor, Scott, 08/20/2012
- Re: [Assurance] dept's leveraging central authentication systems ...., Ann West, 08/20/2012
- Re: [Assurance] dept's leveraging central authentication systems ...., Cantor, Scott, 08/20/2012
- Re: [Assurance] dept's leveraging central authentication systems ...., Eric Goodman, 08/20/2012
- RE: [Assurance] dept's leveraging central authentication systems ...., Lovaas,Steven, 08/20/2012
- Re: [Assurance] dept's leveraging central authentication systems ...., Eric Goodman, 08/20/2012
- RE: [Assurance] dept's leveraging central authentication systems ...., Jones, Mark B, 08/20/2012
- Re: [Assurance] dept's leveraging central authentication systems ...., Eric Goodman, 08/21/2012
- RE: [Assurance] dept's leveraging central authentication systems ...., Jones, Mark B, 08/21/2012
- Re: [Assurance] dept's leveraging central authentication systems ...., Eric Goodman, 08/21/2012
- RE: [Assurance] dept's leveraging central authentication systems ...., Lovaas,Steven, 08/20/2012
- Re: [Assurance] dept's leveraging central authentication systems ...., Eric Goodman, 08/20/2012
- Re: [Assurance] dept's leveraging central authentication systems ...., Cantor, Scott, 08/20/2012
- RE: [Assurance] dept's leveraging central authentication systems ...., Jones, Mark B, 08/20/2012
- Re: [Assurance] dept's leveraging central authentication systems ...., Ann West, 08/20/2012
- RE: [Assurance] dept's leveraging central authentication systems ...., Jones, Mark B, 08/20/2012
- Re: [Assurance] dept's leveraging central authentication systems ...., Cantor, Scott, 08/20/2012
- Re: [Assurance] dept's leveraging central authentication systems ...., Ann West, 08/20/2012
Archive powered by MHonArc 2.6.16.