...

Not all Subjects within an Identity Provider need to use the same credential types: some of them can only use passwords, some Person-Proofed Multi-Factors and some Person-Proofed Multi-Factors with high identity assurance. A Subject can also have multiple credential types at the same time, but it is important that the Home Organisation maintains a record of the credential types a Subject can use and can correctly inform Relying Parties about the credential type used if requested by the Relying Party.

Person-Proofed Multi-Factor (SWAMID P2MFA)

...

The purpose of this subsection is to ensure that credentials can be revoked.


...something needs to go in here... However, I cannot see that anything here differs from SWAMID AL2!


Guidance

Processes for revocation of second factors or full multi-factors should be documented in the IMPS, section 5.4.


6. Syntax

Identity Providers are marked in SAML metadata with the Assurance Certification

The member organisation's Identity Provider is tagged in the SWAMID federation metadata with the assurance certification attribute: http://www.swamid.se/policy/authentication/swamid-p2mfa

The member organisation's Identity Provider is tagged in the SWAMID federation metadata with the assurance certification attribute: http://www.swamid.se/policy/authentication/swamid-p2mfa-hia

...we must also add text about eduPersonAssurance for high assurance...


In accordance with REFEDS MFA Profile: 

  • In a SAML assertion, in compliance with this SWAMID Person-Proofed Multi-Factor Profile, multi-factor authentication is communicated by the Identity Provider asserting the AuthnContextClass https://refeds.org/profile/mfa.
  • In a SAML authentication request, a Relying Party can request multi-factor authentication by adding AuthnContextClassRef https://refeds.org/profile/mfa to the authentication request.
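
A Relying Party can check both signals described in this section: the assurance certification tag in the Identity Provider's metadata and the AuthnContextClassRef in the assertion. The following is an added example, not part of the SWAMID profile text; it assumes both documents have already passed XML signature validation and that the Identity Provider's EntityDescriptor has been extracted from the federation metadata, and the function names, the entityID https://idp.example.org/idp and the sample XML are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "mdattr": "urn:oasis:names:tc:SAML:metadata:attribute",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ASSURANCE_CERT = "urn:oasis:names:tc:SAML:attribute:assurance-certification"
P2MFA = "http://www.swamid.se/policy/authentication/swamid-p2mfa"
REFEDS_MFA = "https://refeds.org/profile/mfa"

# Constructed sample: one IdP EntityDescriptor tagged with swamid-p2mfa.
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}"
    xmlns:mdattr="{NS['mdattr']}" xmlns:saml="{NS['saml']}"
    entityID="https://idp.example.org/idp">
  <md:Extensions><mdattr:EntityAttributes>
    <saml:Attribute Name="{ASSURANCE_CERT}">
      <saml:AttributeValue>{P2MFA}</saml:AttributeValue>
    </saml:Attribute>
  </mdattr:EntityAttributes></md:Extensions>
</md:EntityDescriptor>"""

# Constructed sample: the part of an assertion that carries the AuthnContext.
SAMPLE_ASSERTION = f"""<saml:Assertion xmlns:saml="{NS['saml']}">
  <saml:AuthnStatement><saml:AuthnContext>
    <saml:AuthnContextClassRef>{REFEDS_MFA}</saml:AuthnContextClassRef>
  </saml:AuthnContext></saml:AuthnStatement>
</saml:Assertion>"""


def idp_certifications(metadata_xml):
    """Return the assurance certification values tagged on the IdP entity."""
    # Assumption: input is trusted, signature-verified XML. For untrusted XML
    # use a hardened parser such as defusedxml instead of ElementTree.
    root = ET.fromstring(metadata_xml)
    path = ("md:Extensions/mdattr:EntityAttributes/"
            f"saml:Attribute[@Name='{ASSURANCE_CERT}']/saml:AttributeValue")
    return {(v.text or "").strip() for v in root.findall(path, NS)}


def authn_context_classes(assertion_xml):
    """Return the AuthnContextClassRef values asserted by the IdP."""
    root = ET.fromstring(assertion_xml)
    path = "saml:AuthnStatement/saml:AuthnContext/saml:AuthnContextClassRef"
    return {(r.text or "").strip() for r in root.findall(path, NS)}


def accept_p2mfa_login(metadata_xml, assertion_xml):
    """True only if the IdP is certified for P2MFA and this login used MFA."""
    return (P2MFA in idp_certifications(metadata_xml)
            and REFEDS_MFA in authn_context_classes(assertion_xml))
```

Checking only the metadata tag is not enough: a certified Identity Provider can still return a password-only context for a given login, so the assertion must be checked on every authentication.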

...