A visa application for a travelling family that includes a toddler but where the visa rules say each person must have an individual application This is a common scenario for many Australian visa types. Some authorised delegate (eg Mum) has to do the application for the toddler but still present the toddlers credentials Any use? Steven Capell Mob: 0410 437854 > On 16 Dec 2020, at 4:08 am, Alan Karp <alanhkarp@gmail.com> wrote: > > > oosten, H.J.M. (Rieks) <rieks.joosten@tno.nl> wrote: >> I'm looking for a use-case, which I think requires: >> >> that is realistic; >> that involves (at least) two people, as e.g. in a marriage, a guardianship or otherwise, and some service provider (SP); >> where SP has no earlier knowledge of any of these two people (he doesn't know who these people are); >> where SP can obtain credentials from only one of these persons (the other is somehow incapable of presenting credentials); >> where SP is requested to make a decision (e.g. to provide a service); >> where SP needs to authenticate *both* persons in order to make that decision. > That's a good set of requirements, except the last. Authenticating the two identities, which I assume is what you meant, is less important for the SP than knowing what permissions they have. Using authentication of identity, role, or attributes to make an access decision often leads to a confused deputy vulnerability. > > -------------- > Alan Karp
Received on Tuesday, 15 December 2020 19:27:43 UTC