Another use-case re authentication

We have some use-cases from Northrop, who emailed it directly to use 
(they are IEs in the WG). Here they are in the form they sent for the 
record. I think they can merge into some of the existing use-cases. Some 
of it (SAML, smartcard is only partially covered by the Crypto WG) but 
the digital signing of the tokens credentials for SAML could be done.

-------

Secure Identity Use-Case:

Single user:

·User is authenticated with username + password

·User is authenticated with username + password and is asked follow up 
questions

·User is authenticated and site key is display or captcha

·User is authenticated with smartcard credentials

·User is authenticated with One Time Password

·User is authenticated with credentials and SAML tokens are generated to 
be used for SSO

Multiple users on a single computer:

·User A is authenticated with username + password to site A

·User B is authenticated with username + password to site A

·User A is authenticated with username + password to site A and is asked 
follow up questions

·User B is authenticated with username + password to site A and is asked 
follow up questions

·User A is authenticated with credentials and SAML tokens are generated 
to be used for SSO

·User B is authenticated with credentials and SAML tokens are generated 
to be used for SSO

Received on Monday, 7 January 2013 18:07:51 UTC