Is an authnContextClassRef of "unspecified" the same as "PasswordProtectedTransport" ?

Chad La Joie lajoie at
Sat Jan 28 00:18:34 GMT 2012

The IdP documentation details the process the IdP uses to select an
authentication method.

On Fri, Jan 27, 2012 at 19:09, Terry Fleury <tfleury at> wrote:
> On 1/27/2012 5:28 PM, Tom Scavo wrote:
>> On Fri, Jan 27, 2012 at 5:45 PM, Terry Fleury<tfleury at>  wrote:
>>> During my InCommon SP Assurance Use Case testing, I discovered that passing
>>> authnContextClassRef="urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified"
>> You mean all by itself? I'm not sure why you'd do that...what semantic
>> are you trying to convey?
> At this point, I'm just trying to understand how the
> authnContextClassRef thing works. I doubt I would ever pass just
> "unspecified" by itself. I really want to say "give me silver, bronze,
> or anything else you can give me", in that order. Not sure how to
> accomplish that.
> In my brief amount of testing, it seems to me like if I request any of
> silver, bronze, or PasswordProtectedTransport by themselves, the IdP
> will respond with that if it is configured as such. "unspecified" gave
> me the first configured method.
> Terry Fleury
> tfleury at
> --
> To unsubscribe from this list send an email to users-unsubscribe at

Chad La Joie
trusted identities, delivered

More information about the users mailing list