NIST SP 800-63-3 Federation Proxy Profile, v1.0
Profile of requirements that the operator of a Federation Proxy must satisfy to comply with the NIST Special Publication 800-63-3 series of documents.
Publication Date |
2019-04-05 |
Issuing Organization |
|
Keywords |
NIST,
800-63,
Identity,
Federation,
Proxy
|
Legal Notice |
This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.
|

Loading...
Trust Expression:
TIP_NISTSP80063CIdPProfile and TIP_NISTSP80063CFederatedRPProfile and TD_FederationAssuranceLevelAssertionLimitationforFederationProxies and TD_NondisclosureofPairwisePseudonymousIdentifierMappings
References (4)
TIP
NIST SP 800-63C IdP Profile, v1.0
|
Description |
Profile of all requirements that an Identity Provider (IdP) must satisfy to comply with NIST Special Publication 800-63C, Digital Identity Guidelines: Federation and Assertions. |
ID |
TIP_NISTSP80063CIdPProfile |
TIP
NIST SP 800-63C Federated RP Profile, v1.0
|
Description |
Profile of all requirements that a federated Relying Party (RP) must satisfy to comply with NIST Special Publication 800-63C, Digital Identity Guidelines: Federation and Assertions. |
ID |
TIP_NISTSP80063CFederatedRPProfile |
TD
Federation Assurance Level Assertion Limitation for Federation Proxies, v1.0
|
Description |
The use of proxies within a federation must not incorrectly present the Federation Assurance Level (FAL) to any relying parties. All proxies must strictly advertise the lowest FAL that operate at as the only FAL they operate at for the purposes of considering the FAL for any transaction using the proxy. |
ID |
TD_FederationAssuranceLevelAssertionLimitationforFederationProxies |
Provider Reference |
|
TD
Nondisclosure of Pairwise Pseudonymous Identifier Mappings, v1.0
|
Description |
When a federation proxy maps a user identifier to a pseudonymous identifier for consumption within a federation that uses pseudonymous identifiers, the proxy must not divulge this mapping except where it is necessary for legal reasons or to the proxied user if he or she requests this information. |
ID |
TD_NondisclosureofPairwisePseudonymousIdentifierMappings |
Provider Reference |
|