...
- Discussion on the cas-dev mailing list: https://lists.wisc.edu/read/messages?id=18431743
- NIST Electronic Authentication Guideline
- Key areas of interest:
- Section 5: Registration and Issuance Process
- Section 6.3 - Token Assurance Levels (pp 48-54)
- Really, the whole document is very interesting and directly applicable
- Key areas of interest:
- E-Authenticaiton Authentication Guidelines for Federal Agencies
- Key areas of interest
- Section 2.2: This is an interesting discussion of risk assessment - addresses the question: "Why do we want LOA?"
- Section 2.4: Examples of various levels
- Key areas of interest
- Incommon Assurance Policies Bronze and Silver
- Key areas of interest
- Section 4.1: Summary of Identity Assurance Criteria
- Key areas of interest
- Authentication Contexts for SAML 2.0
- Key areas of interest
- Section 3.4: Authentication Context Classes list
- Key areas of interest
...