...
To simplify consumption by RPs, RAF 2.0 also defines two **assurance profiles** (bundles of component requirements):
- RAF Cappuccino (moderate use cases)
- RAF Espresso (higher-risk use cases)
In RAF cappuccino: a unique identifier, medium-level identity assurance, and the 'affiliation' attribute reflects the status no longer than one month in arrears. This level can be combined with single-factor authenticator strength (http://refeds.org/sfa)
In RAF Espresso: there is a unique identifier, high-level identity assurance, and the 'affiliation' attribute reflects the status no longer than one month in arrears. This level is best combined with multi-factor authenticators (http://refeds.org/mfa).
Who should adopt RAF and why?
...
If you are building an end-to-end trust posture for a collaboration/infrastructure, RAF is part on resolving the the Assurance Requirements
Resources
- REFEDS Assurance Framework (overview landing page): https://refeds.org/assurance
- RAF 2.0 specification (PDF): https://refeds.org/wp-content/uploads/2023/12/RAF-2.0-Final-version.pdf
- FAQ / Supporting Materials: RAF (identity assurance): https://wiki.refeds.org/pages/viewpage.action?pageId=31982150
...
Resources
- REFEDS Assurance Framework (overview landing page): https://refeds.org/assurance
- RAF 2.0 specification (PDF): https://refeds.org/wp-content/uploads/2023/12/RAF-2.0-Final-version.pdf
- FAQ / Supporting Materials: RAF (identity assurance): https://wiki.refeds.org/pages/viewpage.action?pageId=31982150