• TextChallengeResponse

Text-based Challenge/Response

• Editors: Sharon Boeyen & Thomas Wisniewski

• Summary: The current set of standardized SAML V2.0 authentication context definitions cover a subset of challenge/response schemes including those that are based on cryptographic functions and time-based tokens. The notion of text-based challenge/response tokens are not covered by any of the current authentication context definitions. This document proposes an authentication context class to cover the general case of text-based challenge/response tokens to facilitate signaling their use in SAML. Such schemes include, for example, scratch tokens, numbered list tokens, grid tokens, etc. associated with a challenge/response authentication function. This document also proposes an extension that enables text-based challenge/response token parameters to be specified in relevant authentication contexts. This extension would be included in the <PrincipalAuthenticationMechanism> of such contexts.

Committee Specification 01

CS-01 was uploaded by whom on date: Hal Lockhart: Jan 25, 2010

• http://www.oasis-open.org/committees/download.php/36061/sstc-saml-text-based-challenge-response-authn-context-class-cs-01.html

• http://www.oasis-open.org/committees/download.php/36062/sstc-saml-text-based-challenge-response-authn-context-class-cs-01.pdf

• http://www.oasis-open.org/committees/download.php/36063/sstc-saml-text-based-challenge-response-authn-context-class-cs-01.odt

• http://www.oasis-open.org/committees/download.php/20481/sstc-saml-authncont-ext-tcr2.xsd

Committee Draft 01

CD-01 was uploaded by whom on date:

• http://www.oasis-open.org/committees/download.php/21595/sstc-saml-text-based-challenge-response-authn-context-class-cd-01.odt

• http://www.oasis-open.org/committees/download.php/20480/sstc-saml-text-based-challenge-response-authn-context-class-cd-01.pdf

• http://www.oasis-open.org/committees/download.php/20481/sstc-saml-authncont-ext-tcr2.xsd