...
Please see Unisys Report here: RQuint-Unisys Kantara Service Assessment Criteria - KBV impasse for IAL2.docx
NIST Special Publication 800-63A specification (NIST original spec text): NIST.SP.800-63a.pdf
- Roger presented the issue he has found in the 63A criteria related to the use of KBV. He commented that the NIST 800-63A specifications points to Section 5.3.2 to address KBV for IAL2. The heading specifically says: “The following requirements apply to the identity verification steps for IAL2…” 2. Kantara SAC version 3 does not carry the requirements of Section 5.3.2 allocated for KBV compliance (those items are marked n/a).
- Scott said that KBV that why it is not listed as strong.
- José added that
Section 4.4
Update on Identity Proofing and Verification Use Cases Discussion Group
...