A Real-World Assurance Profile That Meets RP and IdP Needs -- Monterey Room
TOPIC:
CONVENER: Paul Caskey
SCRIBE: Nick Roy
# of ATTENDEES: 15
MAIN ISSUES DISCUSSED:
Assurance profile that meets the needs of VOs and other real-world use cases that does enough to be useful, but is not impossible for IdPs to implement.
ACTIVITIES GOING FORWARD / NEXT STEPS:
Create a new, simple, self-asserted profile that meets real-world security requirements of IdPs and RPs.
Simple, realistic, based on trust established between IdPO, InCommon, RPs
5 Paragraphs
Assert authN context, IdP tagged with entity category (based on self-asserted compliance letter from executive), based on the following format of a new assurance profile, to be written to include:
Intro
1) Strong AuthN used for this event
2) Agree to do incident response by notifying RPs if a credential they have been exposed to is compromised
3) Identity registration (including existing relationship) good enough to be used with high stakes apps on campus
Conclusion