<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:p="urn:schemas-microsoft-com:office:powerpoint" xmlns:a="urn:schemas-microsoft-com:office:access" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema" xmlns:b="urn:schemas-microsoft-com:office:publisher" xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet" xmlns:c="urn:schemas-microsoft-com:office:component:spreadsheet" xmlns:odc="urn:schemas-microsoft-com:office:odc" xmlns:oa="urn:schemas-microsoft-com:office:activation" xmlns:html="http://www.w3.org/TR/REC-html40" xmlns:q="http://schemas.xmlsoap.org/soap/envelope/" xmlns:D="DAV:" xmlns:x2="http://schemas.microsoft.com/office/excel/2003/xml" xmlns:ois="http://schemas.microsoft.com/sharepoint/soap/ois/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dsp="http://schemas.microsoft.com/sharepoint/dsp" xmlns:udc="http://schemas.microsoft.com/data/udc" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:sub="http://schemas.microsoft.com/sharepoint/soap/2002/1/alerts/" xmlns:ec="http://www.w3.org/2001/04/xmlenc#" xmlns:sp="http://schemas.microsoft.com/sharepoint/" xmlns:sps="http://schemas.microsoft.com/sharepoint/soap/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:udcxf="http://schemas.microsoft.com/data/udc/xmlfile" xmlns:wf="http://schemas.microsoft.com/sharepoint/soap/workflow/" xmlns:mver="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mrels="http://schemas.openxmlformats.org/package/2006/relationships" xmlns:ex12t="http://schemas.microsoft.com/exchange/services/2006/types" 
xmlns:ex12m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:Z="urn:schemas-microsoft-com:" xmlns:st="" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=utf-8">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
        {mso-style-priority:34;
        margin-top:0cm;
        margin-right:0cm;
        margin-bottom:0cm;
        margin-left:36.0pt;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
span.EmailStyle18
        {mso-style-type:personal;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
span.EmailStyle19
        {mso-style-type:personal-reply;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page Section1
        {size:612.0pt 792.0pt;
        margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.Section1
        {page:Section1;}
/* List Definitions */
@list l0
        {mso-list-id:2053533160;
        mso-list-type:hybrid;
        mso-list-template-ids:1585203498 68354063 68354073 68354075 68354063 68354073 68354075 68354063 68354073 68354075;}
@list l0:level1
        {mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l0:level2
        {mso-level-number-format:alpha-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l0:level3
        {mso-level-tab-stop:108.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l0:level4
        {mso-level-tab-stop:144.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l0:level5
        {mso-level-tab-stop:180.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l0:level6
        {mso-level-tab-stop:216.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l0:level7
        {mso-level-tab-stop:252.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l0:level8
        {mso-level-tab-stop:288.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l0:level9
        {mso-level-tab-stop:324.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
ol
        {margin-bottom:0cm;}
ul
        {margin-bottom:0cm;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=FR link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>All,<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>From the different mail conversations I summarize the following:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l0 level1 lfo2'><![if !supportLists]><span
lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><span style='mso-list:Ignore'>1.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>I will be present on 22
October at the conference<o:p></o:p></span></p>
<p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l0 level1 lfo2'><![if !supportLists]><span
lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><span style='mso-list:Ignore'>2.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>I will give a presentation
during the morning workshop: </span><span lang=EN-US>Building Trustworthy
Architectures Workshop.</span><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'> Topics to address are:<o:p></o:p></span></p>
<p class=MsoListParagraph style='margin-left:72.0pt;text-indent:-18.0pt;
mso-list:l0 level2 lfo2'><![if !supportLists]><span lang=EN-US
style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><span
style='mso-list:Ignore'>a.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>User Centric Authentication
Service (Pros and Cons)<o:p></o:p></span></p>
<p class=MsoListParagraph style='margin-left:72.0pt;text-indent:-18.0pt;
mso-list:l0 level2 lfo2'><![if !supportLists]><span lang=EN-US
style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><span
style='mso-list:Ignore'>b.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>Different alternatives within
market (OpenID, SAML, CardSpace)<o:p></o:p></span></p>
<p class=MsoListParagraph style='margin-left:72.0pt;text-indent:-18.0pt;
mso-list:l0 level2 lfo2'><![if !supportLists]><span lang=EN-US
style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><span
style='mso-list:Ignore'>c.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>How we are realizing a
trustworthy service using A-select.<o:p></o:p></span></p>
<p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l0 level1 lfo2'><![if !supportLists]><span
lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><span style='mso-list:Ignore'>3.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>I will be present during the
afternoon session focusing on:<o:p></o:p></span></p>
<p class=MsoListParagraph style='margin-left:72.0pt;text-indent:-18.0pt;
mso-list:l0 level2 lfo2'><![if !supportLists]><span lang=EN-US
style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><span
style='mso-list:Ignore'>a.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>User centric authentication
vs machine to machine authentication<o:p></o:p></span></p>
<p class=MsoListParagraph style='margin-left:72.0pt;text-indent:-18.0pt;
mso-list:l0 level2 lfo2'><![if !supportLists]><span lang=EN-US
style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><span
style='mso-list:Ignore'>b.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>Attribute sharing and the
need for a persistent unique identifier<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>For each presentation I will take about 20 minutes.<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Please let me know if this is a correct interpretation<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Please let me know so I can prepare for this.<o:p></o:p></span></p>
<p class=MsoNormal><span lang=NL><o:p> </o:p></span></p>
<div>
<div>
<p class=MsoNormal><span lang=NL>(Just jumping in)<br>
<br>
The slot I have open can accommodate an A-Select talk, especially if it can be
bent slightly towards using open extensions and not just the user ID provider
function. I am well aware that most organisations see A-Select as a single
sign-on feature only, but you are totally right that it can be much more than
that. In TAS3, A-Select is one of the potential identity providers.<br>
<br>
If there would be any possibility to link it to activities in the Liberty
Alliance, that would be a certain plus.<br>
<br>
<br>
Jeroen<br>
<br>
2008/10/6 Kick Willemse &lt;<a href="mailto:K.Willemse@diginotar.nl">K.Willemse@diginotar.nl</a>&gt;<o:p></o:p></span></p>
<p class=MsoNormal><span lang=NL>Within our authentication service platform
PASS we make use of <a href="http://a-select.surfnet.nl/" target="_blank">http://a-select.surfnet.nl/</a><br>
<br>
Within this authentication platform there is SAML support, but we still use the
dedicated aselect protocol.<br>
<br>
Within this protocol there are several options to provide additional
attributes. At the moment most of our customers are only interested in getting
one attribute (The unique identifier as how the user is authenticated within
their system)<br>
<br>
So this is how it works:<br>
<br>
1. Accountant portal makes it possible for their customers to log in securely
using our authentication service<br>
2. The customer clicks on login and is redirected to our PASS service<br>
3. The customer authenticates within our service using password, SMS, OTP or
PKI<br>
4. Our service returns an authenticated OK or Not OK to the account portal and
also some additional attributes, like the unique customer number<br>
5. The account portal uses the additional attributes to welcome the user
(Username) and uses the unique customer number to map to his authorization DB.<br>
<br>
<br>
I could show this process including the way how the customer gets registered
for our service.<o:p></o:p></span></p>
<div>
<p class=MsoNormal><span lang=NL><br>
Kick<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><span lang=NL><br>
-- <br>
dr. ir. Jeroen Hoppenbrouwers<br>
<br>
Synergetics NV/SA<br>
Katwilgweg 2 | 2050 Antwerp | Belgium<br>
T(+32)3/210.30.88 | F(+32)3/210.30.86 | M .nl (+31)610089272<br>
M .be (+32)487924895 | VAT BE 0455.690.261<br>
<a href="http://www.synergetics.be">www.synergetics.be</a> | <a
href="mailto:jeroen@synergetics.be">jeroen@synergetics.be</a><br>
GnuPG public key <a
href="http://www.hoppie.nl/pki/f48b3320.asc">http://www.hoppie.nl/pki/f48b3320.asc</a><o:p></o:p></span></p>
</div>
</div>
</body>
</html>