The IESG has approved the following document: - 'An IANA registry for Level of Assurance (LoA) Profiles' (draft-johansson-loa-registry-06.txt) as Informational RFC This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Sean Turner. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-johansson-loa-registry/ Technical Summary The notion of a "Level of Assurance" (LoA for short) is a common way to express "strength" or "quality" of a digital identiy. Federations and trust frameworks define such LoAs by establishing conditions on identity proofing, credentials management and authentication strength. Protocols that carry identity information (eg ABFAB, SAML or OpenID Connect) reference LoAs to express the quality of an identity claim or assertion. This document establishes an IANA registry for Level of Assurance Profiles. The registry is intended to be used as an aid to discovering such LoA definitions in protocols that use an LoA concept, including SAML 2.0 and OpenID Connect. Working Group Summary This work has been done as an individual contribution and is not part of any IETF WG. The work has been socialized in and reviewed by the identity community where identity assurance is discussed, including the Kantara Identity Assurance WG and the Kantara Federation Interoperability WG and the OpenID Connect community. Document Quality There is a concrete demand for the registry from vendors that implement identity protocols aswell as from organizations that implement trust frameworks. Personnel Tim Polk (tim.polk@nist.gov) is the document shepherd. Sean Turner (turners@ieca.com) is the responsible AD.
