MFA Interop Working Group

[Eric Goodman <>]

On the last bullet in the document, I'm not sure the bullet calls out that 
(IIRC) the question was about whether the category carries any "assurance" 
connotations that the campus is self-asserting vs. it being simply an 
operational assertion that the IdP can respond with the MFA (and perhaps 
base) context. 

Perhaps:

-Is there value in a formal institutional declaration of support for MFA?  

+Is there value in the entity category specifically representing a 
"self-asserted assurance" that the campus meets the profile, in addition to 
the technical/operational conformance elements identified above?

-Could that declaration be as simple as a box in the Federation Manager that 
could be checked by the site administrator?

+Could that declaration be as simple as a box in the Federation Manager that 
could be checked by the site administrator, as compared to relying on 
separate self-assurance documentation as is required for InCommon Bronze 
compliance?


Not sure that's better, but might be more specific. :)

--- Eric

-----Original Message-----
From: 

 
[mailto:]
 On Behalf Of David Walker
Sent: Friday, May 06, 2016 12:29 PM
To: MFA Interoperability Profile Working Group
Subject: [MFA-Interop] DRAFT not to 

 about an MFA entity category

Everyone,

As promised, I've drafted a note for the Assurance list about our discussion 
yesterday of an IdP entity category to indicate MFA support. 
It's a Google Doc at
https://docs.google.com/a/internet2.edu/document/d/1Cdc7MeQIyrTCCU4aVfbcSnad8_oqV-5jK902VqkZQUE/edit?usp=sharing.
 
As we discussed, please respond with comments quickly so the final version 
can be sent on Monday. 

Karen, we didn't discuss who would send it.  It's probably best from you, but 
I can send it, if you'd rather.

David