One Statement Policies
CA Distribution download
Find your local CA
About your certificate
Tools download and fetch-crl
IGTF OID Registry
Abingdon, UK, May 21-22, 2024
Copenhagen, DK, January 29, 2024
adjecent to TIIME Unconference
Intranet and Reviews
Guidelines on Levels of Authentication Assurance
- IGTF Levels of Authentication Assurance (all profiles)
Formats available: MS Word, Adobe PDF.
Managed by: EUGridPMA
Status: endorsed by all PMAs
The IGTF Levels of Authentication Assurance (LoA) generalization process aims to extract those elements from Authentication Profiles the IGTF has developed that are of general value to the community. The LoAs described in this document represent the consensus on acceptable levels for the IGTF major relying parties, and are designed such that they also balance the cost and feasibility by the IGTF identity providers.
To identify the specific Level of Assurance, each has been assigned an opaque name and identifier. Elements of assurance specific to a particular assurance level have been set apart in boxes that are identified by name in each heading indicating the LoA or LoAs to which the elements apply. Text that is not set apart in a particular box is applicable to all assurance levels described.
Traditionally assurance levels have been identified on a single scale. In terms of a single linear scale, relying parties have often considered authorities compliant with ASPEN (technical implementation: SLCS), BIRCH (technical implementation: MICS), or CEDAR (technical implementation: Classic Secured) to be similar in terms of assurance level, and authorities compliant with DOGWOOD (technical implementation: IOTA) to be different. In this document, several aspects are separated and relying parties may find more fine-grained controls.