This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Authentication Context Class vs Authentication Method Reference
Authentication Context Class vs Authentication Method Reference

Version management

Difference between version and

At line 1 added 25 lines
!!! Overview [1]
[{$pagename}] are related but with important differences.
[Authentication Context Class] ([acr_values]) specifies the [Policy] that [authentications] are being requested to satisfy. The [Policy] can often be satisfied by using a number of different specific [Authentication Method Reference Values], either singly or in combination.
[Authentication Method Reference Values] ([amr_values]) specifies about the particular [Authentication Methods] that are used without regards to the [Authentication] Process.
Relationship to "acr" ([Authentication Context Class Reference])
The "acr" ([Authentication Context Class Reference]) claim and "[acr_values]" [request] parameter are related to the "amr" ([Authentication Method Reference]) claim and "amr_values" [Authentication Request] parameter, but with important differences.
[Authentication Context Class] specify a set of business rules that [authentications] are being requested to satisfy. These rules can often be satisfied by using a number of different specific [Authentication Method], either singly or in combination.
Interactions using "acr" request that specified Authentication Context Classes be used and reply saying which [Authentication Context Class] was satisfied.
The reply states that it was satisfied -- not how it was satisfied.
In contrast, interactions using "[amr]" make statements about the particular authentication methods that are used. This tends to be more brittle than using "acr" since the authentication methods that may be appropriate for a given authentication will vary over time, both because of the evolution of attacks on existing methods and the creation of new [Authentication Methods].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [https://tools.ietf.org/html/draft-jones-oauth-amr-values-05|Wikipedia:https://tools.ietf.org/html/draft-jones-oauth-amr-values-05|target='_blank'] - based on information obtained 2017-04-04-
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop