>Is this a real thing and is this something that needs to be handled by
>having separate AAA proxy and IdP servers. If so does this mean that we
>need to look at that interface more closely?
Assuming that the request were able to convey AAA or SAML semantics
indicating the LoA requirement, I think it is reasonable to expect the IdP
domain to apply policy on these semantics for a single IdP NAI realm.
Josh.
JANET(UK) is a trading name of The JNT Association, a company limited
by guarantee which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
