how would we suggest improving the user experience at this SP
Cantor, Scott
cantor.2 at osu.edu
Wed Jun 4 15:10:24 EDT 2014
On 6/4/14, 2:48 PM, "David Hodnett" <david at pathbrite.com> wrote:
>As an SP, we are proceeding on the assumption that the IdP guarantees
>that this ePPN is unique for each user but the address itself is not
>necessarily routable. Our application later asks the user to confirm the
>provided address is valid and gives them the opportunity to either
>correct it or otherwise opt-out of receiving email. I've always felt that
>this was a reasonable compromise given that each institution has its own
>privacy policy for political reasons as David Bantz implied.
If you differentiate, which is great, then use the mail attribute for that
as a starting point, don't use the EPPN for that purpose.
>However, based on the tone of this thread, should we at all be concerned
>that a given school might send "shibboleth-support at example.edu" as the
>ePPN for each and every incoming user, again for political reasons?
Not that I've ever encountered.
Campuses don't really mask attributes, they just don't send them.
-- Scott
More information about the users
mailing list