1
//-----------------------------------------------------------------------
2 // <copyright file="NistAssuranceLevel.cs" company="Andrew Arnott">
3 // Copyright (c) Andrew Arnott. All rights reserved.
5 //-----------------------------------------------------------------------
7 namespace DotNetOpenAuth
.OpenId
.Extensions
.ProviderAuthenticationPolicy
{
9 using System
.Collections
.Generic
;
10 using System
.Diagnostics
.CodeAnalysis
;
14 /// Descriptions for NIST-defined levels of assurance that a credential
15 /// has not been compromised and therefore the extent to which an
16 /// authentication assertion can be trusted.
19 /// <para>One using this enum should review the following publication for details
20 /// before asserting or interpreting what these levels signify, notwithstanding
21 /// the brief summaries attached to each level in DotNetOpenId documentation.
22 /// http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf</para>
24 /// See PAPE spec Appendix A.1.2 (NIST Assurance Levels) for high-level example classifications of authentication methods within the defined levels.
27 [SuppressMessage("Microsoft.Naming", "CA1704:IdentifiersShouldBeSpelledCorrectly", MessageId
= "Nist", Justification
= "By design")]
28 public enum NistAssuranceLevel
{
30 /// Not an assurance level defined by NIST, but rather SHOULD be used to
31 /// signify that the OP recognizes the parameter and the End User
32 /// authentication did not meet the requirements of Level 1.
34 InsufficientForLevel1
= 0,
37 /// See this document for a thorough description:
38 /// http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
43 /// See this document for a thorough description:
44 /// http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
49 /// See this document for a thorough description:
50 /// http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
55 /// See this document for a thorough description:
56 /// http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf