Web Authentication Enhancement BOF (WAE)

Slides: 7
Provided by: petere7
Learn more at: https://www.ietf.org
Transcript and Presenter's Notes

1
Web Authentication Enhancement BOF (WAE)
  • Chair: Pete Resnick
  • IETF 66

2
Agenda (1)
  • Scribes, blue sheets, agenda bash - 2 min.
  • Getting terms straight - 10 minutes
  • Problems we are trying to solve - 55 min.
      • Discuss what sort of authentication/identification from user to server is desired
      • Anti-phishing discussion here
      • Discuss what sort of attribute info from user to server is desired
      • Discuss whether remote storage of attributes is desired
      • Discuss whether 3rd-party claims are desired

3
Agenda (2)
  • Mechanisms to use? - 55 min.
      • Discuss downsides of using current web auth mechanisms (i.e., user-agent changes)
      • Discuss downsides of using mechanisms that include no user-agent changes
      • Discuss authentication mechanism in light of above discussions
  • What work items do we have? - 28 min.
      • Enumerate work items
      • Enumerate documents (if different than above)
      • Enumerate editors
  • End

4
Terminology
  • Reading assignment: RFC 2828
  • Authentication
  • Authorization
  • Credential
  • Attribute
  • Assertion
  • Others?

5
Problems we want to solve
  • Capture-Resistant Credentials (CRC)
  • Hijack-Resistant Authentication (HRA)
  • Portable Credentials (PC)
  • Fill-in of Personal Information (FPI)
  • Common User Credentials (CUC)
  • Continuity of Identity (CI)
  • User-Friendly Names (UFN)
  • Assertion of External Claims (AEC)
  • Independent Assertion of Claims (IAC)
  • Private Authentication (PA)
  • Single Site Unlinkability (SSU)
  • Multiple Site Unlinkability (MSU)
  • Attack Resistant Credentials (ARC)

6
Mechanisms/Architectures
  • Bare Cryptographic Identifier (CRC, HRA, CUC, CI, PA)
  • Identity Certificates (Above UFN)
  • Signature Key Server (PC whatever)
  • Attribute Certificates (CRC, HRA, FPI (some), PC (w/ key server), CUC, CI, UFN, AEC, IAC, PA)
  • Identity Provider (PC, CUC, CI, UFN, maybe PA)
      • w/assertions (FPI, AEC, IAC)
      • w/authentication (CRC, HRA)