...
- We must be aware of who will be certified (or assessed) by using 63C SAC. Unlike 63A or 63B, an IdP need cooperation with (or enforcement by) its participating federation. Therefore, a pair (IdP, federation) would be a target for assessment, considering the current operations of federations mentioned below.
...
- Richard
...
- said it is a good idea, but not feasible.
...
- Richard
...
- added that the Service Provider would need to be individually assessed. He also pointed out that there are no means to assess -?- (min 39:20) exclusively at the moment, a similar process could be created.
-Richard W. also sees a problem because a meaningful federation will
have multiple CSPs (IdPs), so assessing the Federation Authority with only (either) a
single CSP or (alternatively) ALL CSPs seems either pointless or
alternatively very burdensome.
...