Skip to Content.
Sympa Menu

assurance - Re: [Assurance] questions about how to implement incommon bronze/silver assurance

Subject: Assurance

List archive

Re: [Assurance] questions about how to implement incommon bronze/silver assurance


Chronological Thread 
  • From: "Cantor, Scott" <>
  • To: "" <>
  • Subject: Re: [Assurance] questions about how to implement incommon bronze/silver assurance
  • Date: Tue, 10 Sep 2013 22:08:02 +0000
  • Accept-language: en-US
On 9/10/13 4:34 PM, "XiaoXia Dong"
<>
wrote:

>I am new to this assurance list and would like to get some advice on how
>to implement the bronze/silver assurance. In addition to adding info to
>metadata, how will you determine whether a given logged-in user is
>Silver/Bronze?

There's really nothing in metadata pertaining to assurance.

How you determine the assurance level of a user is fairly specific to your
environment, but there are many scenarios in which the answer to that
leads to a heavy requirement for customization of the IdP (which is partly
what the RFP Paul Hethmon is working on is for).

> And how will you communicate Silver/Bronze status to the SP?

In the AuthnContextClassRef element, which is what the
authenticationMethod configuration setting associated with a login handler
ends up populating.

> Do we need to store the Silver/Bronze
> status in LDAP or some other data store? Thanks.

Possibly.

-- Scott



Archive powered by MHonArc 2.6.16.

Top of Page