10 décembre 2009

Un grand pas pour OpenID: OpenID got into ICAM for LOA 1

OpenID est maintenant une technologie adaptée par les Etats Unis pour les services eGouvernement ICAM :

Un grand moment pour OpenID. Un pas de plus pour la sécurité de nos identités numériques sur le net. That Cool ......

Et aussi un pas vers l'évolution des techniques de sécurité pour l'authentification ..... et l'authentification forte !

En complément la réponse de Robert Ott, Founder OpenID Switzerland, suite à cette question:

Sylvain: Do you agree with the ICAM position ?


OpenID 2.0 can be used to conduct low-risk transactions with the

Federal Government. At this time, OpenID 2.0 is suitable for LOA 1

authentication only


Robert Ott: Hi Sylvain,

I agree to some extend because it says 'At this time...'. If we consider the requirements to be fulfilled even only for LOA 1, I believe most of the current OpenID IDP's have not reached that level of maturity to fulfill levels higher the LOA 1 yet. While some of the provider fulfill many of the points what would allow them to claim LOA higher than 1, but a real claim for LOA > 1 would mean to fulfill ALL of the requirements. Thus, I think it is a valid and important statement that OpenID got into ICAM for LOA 1. As soon as the trust framework has evolved and we have whitelisted OpenID IDP's that fulfill all points of LOA 1, we will be able to try to go a step forward for higher LOA levels. On the other hand as soon as we look at the requirements for LOA > 1, the assurance level for the identities increases dramatically and might need to base on trust frameworks such as eGovernment issued / controlled ID's (e.g. eID Estonia, SuisseID etc.). To conclude, I'm very pleased that the OIDF has made it that OpenID got part of ICAM, great work!

Regards

Robert



Plus d'information: Open Identity Solutions for Open Government

Et un très bon doc: Open Solutions for Open GovernmentOpen GovernmentPortable IdentityPortable IdentityTechnical ApproachTechnical Approach

-------------------------------------------------------------------------------------


Towards Stronger Authentication in Web Applications...

in partnership with OWASP and OpenID

and get one Yubikey for free to protect your digital identity



Join us :-)



Publié par Sylvain Maret à l'adresse 12/10/2009 09:38:00 PM

Inscription à : Publier les commentaires (Atom)