This space is for the work carried out by REFEDS to support identity and authentication assurance.
The REFEDS Assurance working group has designed the REFEDS Assurance Suite to satisfy the needs of R&E federations for a common, lightweight set of assurance specifications. The Assurance Suite comprises the REFEDS Assurance Framework (REFEDS RAF) which defines requirements for identity assurance and the two specifications REFEDS Single Factor Authentication Profile (REFEDS SFA) and REFEDS Multi Factor Authentication Profile (REFEDS MFA) for authentication assurance. REFEDS RAF and SFA are in effect since 2018, the MFA profile since 2017. The Assurance Suite is registered at IANA since 2019.
We also expect to have logos per specification, soon.
RAF is designed in such a way allowing the components (i.e. identifier uniqueness, identity proofing, attribute freshness) to be individually assertable. However, RAF also provides two assurance profiles: RAF Cappuccino which is for moderate use cases and RAF Espresso for high-risk use cases.
Below you can find the links to the corresponding specifications but also to FAQs and supporting materials:
- REFEDS Assurance Framework (for identifier uniqueness, identity proofing, attribute freshness)
- REFEDS Authentication Profiles (for identity authentication)
- Webinar on REFEDS Assurance Suite 13 December 2018 (stream, slides)
- The Assurance framework and profiles are developed and maintained in the Assurance working group
This space is also the home of REFEDS Baseline Expectations Working Group for federations, IdPs and SPs. Baseline Expectations are developed in the Baseline Expectations working group
Recent space activity