[Openid-specs-risc] Proposing two new CAEP event types

Saxe, Dean deansaxe at amazon.com
Mon Feb 12 18:24:33 UTC 2024 

Hi Atul,

A few quick comments on the suggested additions:

uaf describes a FIDO protocol which has the concept of user presence, so it may be wise to find an alternative claim name to avoid confusion.

When you describe user presence, I immediately think about the user presenting an authentication factor that indicates that they are present for the transaction.  For example, presenting an inherence factor (fingerprint) to unlock a FIDO hardware security key (e.g. Yubikey bio) as part of user authentication.  I don’t think this is what you’re trying to communicate with the User Present event.  Can you describe this event in more concrete terms?  There may be a naming collision here, as well, that we should avoid to minimize confusion about what the event type means.

Thanks,
-dhs

--
Dean H. Saxe, CIDPRO<https://idpro.org/cidpro/> (he/him)
Senior Security Engineer, AWS Identity Security Team | Amazon Web Services (AWS)
E: deansaxe at amazon.com<mailto:deansaxe at amazon.com> | M: 206-659-7293<tel:206-659-7293>

From: Openid-specs-risc <openid-specs-risc-bounces at lists.openid.net> on behalf of Atul Tulshibagwale via Openid-specs-risc <openid-specs-risc at lists.openid.net>
Reply-To: Atul Tulshibagwale <atul at sgnl.ai>
Date: Tuesday, February 6, 2024 at 5:45 PM
To: OpenID RISC List <openid-specs-risc at lists.openid.net>
Subject: [EXTERNAL] [Openid-specs-risc] Proposing two new CAEP event types


CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.


Hi all,
My colleagues at SGNL and I have come up with new event types that we think will be useful for everyone. They indicate that a user session has been established, and that a user presence has been observed. Please see the attached slides to get an overview. We can discuss this in our next working group meeting.

Looking forward to your feedback.
Thanks,
Atul

--

[Image removed by sender.]<https://sgnl.ai/>


Atul Tulshibagwale

CTO

[Image removed by sender.]<https://linkedin.com/in/tulshi>[Image removed by sender.]<https://twitter.com/zirotrust>[Image removed by sender.]<mailto:atul at sgnl.ai>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20240212/fb1f5a9c/attachment-0001.html>

More information about the Openid-specs-risc mailing list