MFA Interop Working Group

[Michael A Grady <>]

Thanks. I'd been meaning to contact Jacob and ask him if he needed some help perhaps drafting a "stalking horse" document or two. But waiting till 2016 sounds good. :-)

But, while I'm thinking about it, I wanted to mention something I was thinking about the other day and that a question just now on the Shib Users list reminded me of. And that is the idea of having a variation on the authentication context required/satisfied based on truly forcing the user to do the 2nd factor, and not allowing "remember this device" or "trusted networks". Which might mean, for example, you'd need multiple app integrations with Duo from your IdP, one that allows activating features like remember this device", and one that doesn't. Work we are doing for a client needing two distinct integrations with Duo (not based on those features, but Duo commercial vs Duo FISMA) spurred me to consider other reasons why you might want multiple integrations with the same 2nd Factor service.

On Dec 15, 2015, at 3:23 PM, Paul Caskey <> wrote:

Hello Everyone-

 

As you no doubt are aware, the work of the MFA Interop group has been stalled for a bit.

 

There are some folks involved with this group who just got swamped by excessive workload (and from the people who actually pay them!  J  ).

 

We intend to restart things after the first of the year, so please stay tuned!

 

Meanwhile, Happy Holidays to you all!

 

 

Thanks for your participation,

-Paul

--
Michael A. Grady
IAM Architect, Unicon, Inc.