[Openid-specs-ab] Issue #844: Messages - 1.2 Definition - Authentication (openid/connect)

Nat Sakimura issues-reply at bitbucket.org
Sun Jun 2 02:45:13 UTC 2013


New issue 844: Messages - 1.2 Definition - Authentication
https://bitbucket.org/openid/connect/issue/844/messages-12-definition-authentication

Nat Sakimura:

The current definition of Authentication does not go well with some form of authentication such as risk based authentication or location based authentication, etc. Also, it is too deterministic. The previously provisioned credential may be stolen. 

Currently, it is defined as: 
**Authentication**
Act of verifying End-User's possession of previously provisioned credentials.

Proposal: 
**Authentication**
provision of assurance of the claimed identity of an entity 
[SOURCE: ISO/IEC 18014-2]






More information about the Openid-specs-ab mailing list