[Openid-specs-ab] FICAM LoA for Connect

Justin Richer jricher at mitre.org
Mon May 21 18:23:33 UTC 2012

That's the same starting point that I'd been giving folks, so it's good 
to hear that I was on the right page, at least. I would love to see a 
hypothetical stab at what would be in a profile that would provide even 
a grounding for discussions about these new protocols in the federal 

One of the biggest questions I've been getting is "is it possible to get 
to LoA3", which is followed by "how exactly would you do that?"

If you'd prefer to do it off list, just ping me out of band. I'd 
personally rather see it on here with the understanding that it's a 
thought experiment more than anything right now.

  -- Justin

On 05/21/2012 02:09 PM, John Bradley wrote:
> I would anticipate a profile going to LoA 3 (non-crypto) using the code flow and asymmetric signatures.
> Because Connect/JWT/JOSE are not final specs there probably won't be a profile specifically for Connect in the very short term.
> I might anticipate a more general profile for doing authentication with OAuth that Connect happens to conform to as a first step.
> If you want, I could talk to them about what might hypotheticly be in such a profile.
> John B.
> On 2012-05-21, at 1:06 PM, Justin Richer wrote:
>> I've been asked by a few folks here and in my company's sponsoring organizations about exactly how OpenID Connect would fit into a FICAM profile, especially at LoA2 and LoA3 (non-crypto). I do realize that in order for there to be a real profile, someone from the gov't needs to sit down and write one and have it ratified. But since it's my understanding that Connect is being built in order to support higher LoA, what do the members in this community anticipate being part of such a profile?
>> -- Justin
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab

More information about the Openid-specs-ab mailing list