assurance - Re: [Assurance] silver, 2-factor, password requirements

Subject: Assurance

List archive

Re: [Assurance] silver, 2-factor, password requirements

From: Tom Scavo <>
To:
Subject: Re: [Assurance] silver, 2-factor, password requirements
Date: Thu, 29 Nov 2012 16:55:15 -0500 (EST)

> The CIC schools' multi-factor working group
> thought at least one of the factors would need to meet all the
> Silver requirements.

If that were true, why introduce a second factor? In any case, this advice
doesn't seem to align with the spirit and intent of the IAP: "If other
Credentials are used to authenticate the Subject to the IdP, they must meet
or exceed the effect of these requirements."

?

Tom

RE: [Assurance] silver, 2-factor, password requirements, (continued)
- Re: [Assurance] silver, 2-factor, password requirements, David Walker, 11/28/2012
- RE: [Assurance] silver, 2-factor, password requirements, Dunker, Mary, 11/28/2012
  - Re: [Assurance] silver, 2-factor, password requirements, Tom Scavo, 11/29/2012
    - RE: [Assurance] silver, 2-factor, password requirements, Dunker, Mary, 11/30/2012

List archive

Re: [Assurance] silver, 2-factor, password requirements