Versions Compared

Old Version 11

changes.mady.by.user Former user

Saved on

compared with

New Version 12

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

  • The Yadis XRDS document only advertizes the SREG/AX service(s) supported by the OP but not the exact list of supported attributes/claims.
  • Proposal : Extension to the YADIS XRDS document.

    Explicitly advertize OP's supported attributes/claims part of XRDS document published by the OP ?

    _

    Help needed on best way to do it with XRDS…

InfoCard

Supported claims are advertized at the creation/import of the Information Card.

Assurance Characteristics

IDP's supported Authentication Contexts and Assurance Levels

SAML

Generic mechanism defined in "SAML Metadata Extension for Entity Attributes" and specific attribute already defined in "SAML Identity Assurance Profiles"

Proposal for ACs : define a new attribute name for Authentication Context classes :

Code Block
 urn:oasis:names:tc:SAML:attribute:authn-context-class
OpenID

Supported Authentication policies can already be advertized in the Yadis XRDS document as specified in "OpenID Provider Authentication Policy Extension 1.0" (should also be used to advertize supported Assurance Level ?)

Can PAPE be used as well to advertize the OP's Assurance Level ? (and how does it relates to the OIX Listing Service ?)

InfoCard
  • Authentication Contexts and Assurance Levels are just considered as claims.
  • As an example, claims for Assurance Levels have been defined by ICF :
    Code Block
     icam-assurance-level-1
 icam-assurance-level-2
 icam-assurance-level-3

Logo/Name/Description

SAML

An OASIS working draft exists with SAML metadata extensions for capturing this information. It is protocol agnostic.

http://wiki.oasis-open.org/security/SAML2MetadataUI

OpenID

Proposal : Extension to the YADIS XRDS document

Advertize OP's DisplayName and Logo URL part of XRDS document published by the OP ?
Help needed on best way to do it with XRDS…

InfoCard

N/A (either just the "InfoCard" logo or CardTile of the last used InfoCard)

...

User Agent Inputs

  • Preferred/Supported/Previously Used Issuers
    • Opportunity to bias or pre-populate choices based on history, user affiliations/preferences, etc.
  • Accessibility Requirements
    • Do pop-ups cause accessibility concerns for discovery or login?

...

See Also