Refeds


Subject Re: draft charge, refeds working group on attribute release
From Leif Johansson <leifj@xxxxxxxx>
Date Tue, 05 Jul 2011 09:24:53 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/04/2011 04:27 PM, Nicole Harris wrote:
> Sorry David but I think your analysis of a university's ability to reach LOA2 is wildly inaccurate, and I say this with some authority, having a reasonably good view of the opinions of Uk institutions on this from my job role and from surveys undertaken by JISC and the UK federation.  I will also repeat that our remit is not just for higher education institutions. 
> 

This is a subtle and complex business. From my experience (SWAMID)
most members _believe_ they need LOA>1 for most services. In
some cases they are probably correct (eg enrollment).

Most SWAMID IdPs would probably be able to support most of AL2
for at least its employees. The diff is probably _mostly_ centered
around credentials management (eg password entropy).

Its easy to say "LOA2" but once you start to look at the criteria
its not always as easy as you think...

	Cheers Leif

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk4SvEIACgkQ8Jx8FtbMZnf5tACfYJ8IdvJG+P1jlXphUanocasq
5O8An2y6azYEdT0C0M4mWWQ+r106ys3k
=+gFc
-----END PGP SIGNATURE-----