No, I had bookmarked that site as I was (am) doing some research for a
project we've got going here called, "identity verification." We're trying
to develop and document a process to make our identity proofing more
consistent and keep better records of what we're doing. So I've been
studying up on whatever I can find on guidelines and recommended procedures.
Among other things, I've looked at NIST SP 800-63 and OMB M-04-04. We're
thinking of making InCommon Silver one our goals.
It seems to me having the agencies as members of InCommon will probably work
out better in the long run, at least from our (higher ed) point of view.
From: Identity Management Constituent Group Discussion list
[mailto:[log in to unmask]] On Behalf Of RL 'Bob' Morgan
Sent: Monday, April 06, 2009 3:32 AM
To: [log in to unmask]
Subject: Re: [IDM] Federal E-Authentication
> Has anyone heard what is going on with this? This seems to imply they
> are either tearing down or drastically changing the e-authentication
Just curious, were you or some of your users using apps via the E-Auth
The E-Authentication web site is still there:
but has been re-purposed to refer to generic identity etc services.
E-Auth has been on its way out for quite a while. It always suffered from
a poor funding situation (ie, paid for by a tax on agencies rather than
base funding), and in my opinion was way too heavyweight in many ways to
be sustainable. As David mentions, now agencies are encouraged to work
directly with InCommon to federate with higher ed, and they are doing so.
We continue to work closely with the GSA to make sure that we're aligned
going forward (eg on attribute usage, and SAML 2 migration), in particular
to ensure that the InCommon Silver Assurance Profile (see
http://incommonfederation.org/assurance/) meets USG requirements for
access to LoA 2 applications.
- RL "Bob"