
mfa-interop - [MFA-Interop] Changes based on conversation on today's call

Subject: MFA Interop Working Group

  • From: Eric Goodman <>
  • To: "" <>
  • Subject: [MFA-Interop] Changes based on conversation on today's call
  • Date: Thu, 28 Apr 2016 21:12:49 +0000

Hi all,

 

I put some proposed changes in the Usage Guidance document based on our conversation today. They are all entered as suggestions, so they are clearly marked (and undoable):

 

  • Added a section called “Types of Factors” that calls out that two different passwords is not compliant with the profile.
  • Modified the language about factors that are accessible using only the first factor per suggestions on the call.
      ◦ Focus was on inserting the text: “is no more secure than the single factor by itself” as an explanation of why it is not considered sufficient.
  • Same change made to the “reregistration” example.
  • Added text about SPs needing to validate returned <AuthnContextClassRef> values in the “Considerations” section.
      ◦ Scott, I did already take a stab to make it more strongly focus on validating the values in responses, rather than focusing on “not trusting” the request by itself, but of course feel free to further edit.

 

In the Base Level profile, I also suggested changes to remove the language that the profile will “establish a base over which other profiles can be defined”.

 

--- Eric
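
The SP-side check mentioned in the “Considerations” item, sketched as an added example that is not part of the original message or of the working group's documents: the SP compares the <AuthnContextClassRef> returned in the assertion with the value it requires, rather than assuming its request was honored. The profile URI is a placeholder, the sample assertions are constructed, and signature and schema validation are assumed to have been done already by the SP's SAML library.

```python
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"saml": SAML_NS}

# Placeholder (assumption): substitute the URI defined by the MFA profile.
MFA_PROFILE_URI = "https://example.org/profile/mfa-placeholder"
PASSWORD_URI = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"


def returned_class_refs(assertion_xml):
    """Return the AuthnContextClassRef of every AuthnStatement (None if absent).

    Assumes the assertion was already signature-verified and parsed safely
    by the SP's SAML stack; this function only extracts the values.
    """
    root = ET.fromstring(assertion_xml)
    refs = []
    for stmt in root.iter(f"{{{SAML_NS}}}AuthnStatement"):
        ref = stmt.find("saml:AuthnContext/saml:AuthnContextClassRef", NS)
        refs.append((ref.text or "").strip() if ref is not None else None)
    return refs


def mfa_satisfied(assertion_xml, required=MFA_PROFILE_URI):
    """Fail closed: accept only an exact match on the returned value.

    Sending the required URI in the request proves nothing; an IdP may
    answer with a different context, or with none at all.
    """
    return any(ref == required for ref in returned_class_refs(assertion_xml))


def sample_assertion(class_ref):
    """Build a constructed, unsigned assertion fragment for the demo."""
    ctx = ""
    if class_ref:
        ctx = ("<saml:AuthnContext><saml:AuthnContextClassRef>"
               f"{class_ref}</saml:AuthnContextClassRef></saml:AuthnContext>")
    return (f'<saml:Assertion xmlns:saml="{SAML_NS}">'
            f"<saml:AuthnStatement>{ctx}</saml:AuthnStatement>"
            "</saml:Assertion>")


if __name__ == "__main__":
    for label, ref in [("mfa", MFA_PROFILE_URI), ("password", PASSWORD_URI),
                       ("missing", None)]:
        print(label, mfa_satisfied(sample_assertion(ref)))
```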



