Skip to content

FAL2 - Account Resolution #79

Description

@dhs-BI

Section 3.7.2 of SP800-63C rev4 documents the requirements for account resolution which NIST defines as:

If the RP has access to existing information about a set of subscribers, and this information is not associated with a federated identifier, the RP performs a process known as account resolution to determine which set of subscriber information to associate with a new RP subscriber account.

These requirements are captured in #71. Should IPSIE eliminate the requirements in this section for purposes of SL1?

chair hat off
Account resolution within IPSIE should only be valid for JIT-provisioned accounts. How this is performed for JIT-provisioned accounts is out of scope for IPSIE, as is JIT provisioning. However, IPSIE should provide non-normative guidance in the profile at SL1 to guide implementers to a reliable process.
chair hat on

Metadata

Metadata

Labels

FAL2Issues related to FAL2 compliancesl1

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions