Guidelines on Levels of Authentication Assurance

• IGTF Levels of Authentication Assurance version 1.5 (all profiles)
  Formats available: MS Word, Adobe PDF.
  Managed by: EUGridPMA
  Status: endorsed by all PMAs

  The IGTF Levels of Authentication Assurance (LoA) generalization process aims to extract those elements from Authentication Profiles the IGTF has developed that are of general value to the community. The LoAs described in this document represent the consensus on acceptable levels for the IGTF major relying parties, and are designed such that they also balance the cost and feasibility by the IGTF identity providers.
  To identify the specific Level of Assurance, each has been assigned an opaque name and identifier. Elements of assurance specific to a particular assurance level have been set apart in boxes that are identified by name in each heading indicating the LoA or LoAs to which the elements apply. Text that is not set apart in a particular box is applicable to all assurance levels described.
  Traditionally assurance levels have been identified on a single scale. In terms of a single linear scale, relying parties have often considered authorities compliant with ASPEN (technical implementation: SLCS), BIRCH (technical implementation: MICS), or CEDAR (technical implementation: Classic Secured) to be similar in terms of assurance level, and authorities compliant with DOGWOOD (technical implementation: IOTA) and ELM (DCVOTA) to be different. In this document, several aspects are separated and relying parties may find more fine-grained controls.
  

  Other versions:
  
  • version 1.1 (PDF), also in MS Word
  • version 1.0 (PDF), also in MS Word and changes with respect to version 1.1
  • Development version (Wiki)