Enforce MFA for federated IDPs
Zunan Dong
zunan.dong at utoronto.ca
Fri May 3 14:56:03 EDT 2019
Hi Scott,
https://refeds.org/profile/mfa is an AuthnContextClassRef inserted into SAML Req/Resp. Is there any entity category that ensures a particular IDP supports this Authn Context?
I have found a final report of "Multi-Factor Authentication Inter-operability". It seems like whether to create an entity category for MFA in InCommon is still on pending. Do you have a conclusion for that?
Thanks,
Zunan Dong
Authentication Systems Specialist
Information Security
Information Technology Service
University of Toronto
________________________________
From: users <users-bounces at shibboleth.net> on behalf of Scott Koranda <skoranda at gmail.com>
Sent: Thursday, 25 April 2019 10:41:27 AM
To: Shib Users
Cc: Jin Fang
Subject: Re: Enforce MFA for federated IDPs
> We have an SP requires MFA for internal users(authenticate against our
> internal IDP). Now we want users from other universities/institutions to
> use this SP through federated IDPs. How do we enforce MFA for those
> IDP/users? Is there a standard that helps the collaboration between SPs
> and IDPs on MFA enforcement(like R&S, SIRTFI)?
https://refeds.org/profile/mfa
Scott K
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20190503/772b54b8/attachment.html>
More information about the users
mailing list