Authn Better Matching
cantor.2 at osu.edu
Mon May 4 12:57:48 EDT 2015
On 5/4/15, 12:03 PM, "Marvin Addison" <marvin.addison at gmail.com> wrote:
>This leads to a new question: is it common for SPs to specify custom matching semantics when specifying a required authn context class?
It's extremely rare to see SPs requesting anything (*) and basically unheard of for anything but exact.
The InCommon silver rollout and the few research SPs that are part of that conversation are pretty much the sole audience for any of this right now.
(*) There are occasional vendors that insist on requesting either password contexts or some custom thing, and it's always a mistake / lack of understanding because none of them mean to say "don't allow anything but password".
More information about the users