Jim, InCommon Silver was developed by InCommon from the original
eAuth CAF/CAP and is intended to be both consistent with NIST 800-63
and recognize the needs of higher ed. GSA is well aware of it and
we're planning to meet with them later this month to discuss it.
One of the main differences from the eAuth CAF/P is recognition of a
broader meaning of "identity" and the need for consistency in the use
of, e.g. eduPerson when providing identity assertions. For that and
other reasons we are not referring to "assurance levels" but to
"assurance profiles" to allow for different general use cases with
rich identity. That said, InCommon Bronze is intended to be
consistent with eAuth LOA-1 and Silver is consistent with LOA-2.
At 8:35 AM -0400 on 4/6/09, Jim Green wrote:
>No, I had bookmarked that site as I was (am) doing some research for a
>project we've got going here called, "identity verification." We're trying
>to develop and document a process to make our identity proofing more
>consistent and keep better records of what we're doing. So I've been
>studying up on whatever I can find on guidelines and recommended procedures.
>Among other things, I've looked at NIST SP 800-63 and OMB M-04-04. We're
>thinking of making InCommon Silver one our goals.
>It seems to me having the agencies as members of InCommon will probably work
>out better in the long run, at least from our (higher ed) point of view.
>From: Identity Management Constituent Group Discussion list
>[mailto:[log in to unmask]] On Behalf Of RL 'Bob' Morgan
>Sent: Monday, April 06, 2009 3:32 AM
>To: [log in to unmask]
>Subject: Re: [IDM] Federal E-Authentication
>> Has anyone heard what is going on with this? This seems to imply they
>> are either tearing down or drastically changing the e-authentication
>Just curious, were you or some of your users using apps via the E-Auth
>The E-Authentication web site is still there:
>but has been re-purposed to refer to generic identity etc services.
>E-Auth has been on its way out for quite a while. It always suffered from
>a poor funding situation (ie, paid for by a tax on agencies rather than
>base funding), and in my opinion was way too heavyweight in many ways to
>be sustainable. As David mentions, now agencies are encouraged to work
>directly with InCommon to federate with higher ed, and they are doing so.
>We continue to work closely with the GSA to make sure that we're aligned
>going forward (eg on attribute usage, and SAML 2 migration), in particular
>to ensure that the InCommon Silver Assurance Profile (see
>http://incommonfederation.org/assurance/) meets USG requirements for
>access to LoA 2 applications.
> - RL "Bob"