Skip to Content.
Sympa Menu

mfa-interop - Re: [MFA-Interop] FW: [refeds] Consultation: REFEDS MFA Profile

Subject: MFA Interop Working Group

List archive

Re: [MFA-Interop] FW: [refeds] Consultation: REFEDS MFA Profile


Chronological Thread 
  • From: "Cantor, Scott" <>
  • To: Eric Goodman <>, "" <>
  • Subject: Re: [MFA-Interop] FW: [refeds] Consultation: REFEDS MFA Profile
  • Date: Wed, 1 Mar 2017 20:15:23 +0000
  • Accept-language: en-US
  • Authentication-results: spf=pass (sender IP is 164.107.81.212) smtp.mailfrom=osu.edu; incommon.org; dkim=none (message not signed) header.d=none;incommon.org; dmarc=pass action=none header.from=osu.edu;
  • Ironport-phdr: 9a23:pz8xeRfCq+yEnaFg4r6uRfr0lGMj4u6mDksu8pMizoh2WeGdxc26ZheN2/xhgRfzUJnB7Loc0qyN4v2mAjRLuM3b+Fk5M7V0HycfjssXmwFySOWkMmbcaMDQUiohAc5ZX0Vk9XzoeWJcGcL5ekGA6ibqtW1aFRrwLxd6KfroEYDOkcu3y/qy+5rOaAlUmTaxe71/IRG2oAnLuMQanYRuJrs/xxfXv3BFZ/lYyWR0KFyJgh3y/N2w/Jlt8yRRv/Iu6ctNWrjkcqo7ULJVEi0oP3g668P3uxbDSxCP5mYHXWUNjhVIGQnF4wrkUZr3ryD3q/By2CiePc3xULA0RTGv5LplRRP0lCsKMSMy/XrJgcJskq1UvBOhpwR+w4HKZoGVKOF+db7Zcd8DWGZNQtpdWylHD4ihbYUAEvABMP5YoYfjulUOsRWwCwqiBOztyz9HmnD40qIh3uQ9Cg7G2RAsE84SvHnWqtj+KaccUfqyzKnN1TjPYe1b1i376IjUdRAhu+mAVq9tf8XNzkkvCx/FgluNooHiIzyazOINs3Sc7+p6T+6jlXUqqwZqojiy3MsjlJTGhp8Mx13C6C53w541KMWmREFhfdKoDZ5duzyHO4drR84iTW5ltDomxrADt560YicHxZsiyhPaafGLb5aE7gr+WOqPIjp0nm9pdb2+ihqo9UWtxffwWte73VtJtiZFnMfDu3MR2xHW78WKRP9w80a91TuKyg/c9+JJLEExmKXAMZEt3Ls9mYAOvkjdHyL7nlj9grWMeUU+4Oeo7vzqYrX4qZ+YMI95khnwP7gplMCjH+g0KxUAUXCG9eil073s5lP2TK9Njv0rjqnWq5faJdkdpqGkGQNVypwj6xGjDzi4zNsYgXgHLFVDeB6diIjpJk3OIPT/Dfe4gFSgiitkx/fDPrH5A5XNKGbMkKv5cLpj8UFQ1Bc/wNVC655JF70MJfzzV0DtuNDECxI5PRK7zunoBdh4044TW36DDrGBPKPXq1CI5+YvI+eWZI8SvTbwM+Qq6OTojX8lnl8dZ7Ol0YUMZXC/BfRmPl+VbmTxjdccCWsKpBYxTPT2iF2eVj5ef3eyX6Qg6TE8DYKmCIDDRoa3jLyGxie7EYRaZmVICl+WCHvodoOEW+sSZyKIJc9hiicJVbygS486yRGurxH2x6BmLurS5i0Xq4jj1N5r6O3Pix0+7yJ7ANmA0zLFc2Yhs3kJTHcZ26dzpEV7ggOuy6lzxdNfEtBW7vVhTww9LdjRw/EsT5i4XwzIO9aPVFu8Rc2OADc6Sdc0xNlIZFxyUZ32ix7KmiusH7IPkKSjBZo/9afZ2H63INxynSXozq4k2hMNS81TMnfizpV08BTPTcadmEyfi6GwM/402zXQsmqP0Dzd7wljTAdsXPCdDjgkbUzMoIG8vxuaQg==
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:99
On 3/1/17, 3:07 PM,
"
on behalf of Eric Goodman"
<
on behalf of
>
wrote:

> Perhaps also relevant: when the MFA Profile discussion went forward, the
> REFEDS framework had planned to
> communicate authentication event information via attributes; e.g.,
> “eduPersonAssurance=REFEDS_IAP/authn/mfa” to
> say that MFA was done (rather than AuthnContext). So much of their
> discussion was around how to communicate
> authentication information at all, and wasn’t MFA/basic specific.

If the app cares, it will usually want to express that and restrict the IdP
(which can't be done with attributes, at least not in practice), and if it
doesn't, why communicate anything?

But that said, that certainly explains why it wouldn't be needed, since
expressing nothing would be pretty equivalent to basic.

-- Scott



Archive powered by MHonArc 2.6.19.

Top of Page