src/DotNetOpenAuth/OpenId/Extensions/ProviderAuthenticationPolicy/NistAssuranceLevel.cs

   1 //-----------------------------------------------------------------------
   2 // <copyright file="NistAssuranceLevel.cs" company="Andrew Arnott">
   3 //     Copyright (c) Andrew Arnott. All rights reserved.
   4 // </copyright>
   5 //-----------------------------------------------------------------------
   6
   7 namespace DotNetOpenAuth.OpenId.Extensions.ProviderAuthenticationPolicy {
   8         using System;
   9         using System.Collections.Generic;
  10         using System.Diagnostics.CodeAnalysis;
  11         using System.Text;
  12
  13         /// <summary>
  14         /// Descriptions for NIST-defined levels of assurance that a credential
  15         /// has not been compromised and therefore the extent to which an
  16         /// authentication assertion can be trusted.
  17         /// </summary>
  18         /// <remarks>
  19         /// <para>One using this enum should review the following publication for details
  20         /// before asserting or interpreting what these levels signify, notwithstanding
  21         /// the brief summaries attached to each level in DotNetOpenId documentation.
  22         /// http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf</para>
  23         /// <para>
  24         /// See PAPE spec Appendix A.1.2 (NIST Assurance Levels) for high-level example classifications of authentication methods within the defined levels.
  25         /// </para>
  26         /// </remarks>
  27         [SuppressMessage("Microsoft.Naming", "CA1704:IdentifiersShouldBeSpelledCorrectly", MessageId = "Nist", Justification = "By design")]
  28         public enum NistAssuranceLevel {
  29                 /// <summary>
  30                 /// Not an assurance level defined by NIST, but rather SHOULD be used to
  31                 /// signify that the OP recognizes the parameter and the End User
  32                 /// authentication did not meet the requirements of Level 1.
  33                 /// </summary>
  34                 InsufficientForLevel1 = 0,
  35
  36                 /// <summary>
  37                 /// See this document for a thorough description:
  38                 /// http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
  39                 /// </summary>
  40                 Level1 = 1,
  41
  42                 /// <summary>
  43                 /// See this document for a thorough description:
  44                 /// http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
  45                 /// </summary>
  46                 Level2 = 2,
  47
  48                 /// <summary>
  49                 /// See this document for a thorough description:
  50                 /// http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
  51                 /// </summary>
  52                 Level3 = 3,
  53
  54                 /// <summary>
  55                 /// See this document for a thorough description:
  56                 /// http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
  57                 /// </summary>
  58                 Level4 = 4,
  59         }
  60 }