IdPv3 and generating persistent NameID

Mads Freek Petersen freek at
Fri May 1 12:15:10 EDT 2015

Hi Scott

> On 01 May 2015, at 18:04, Cantor, Scott <cantor.2 at> wrote:

> There’s no current proposal to remove it, but deprecating it now is a signal that we want to.

That would make shib users unable to meet the obligations of eduGAIN:

> 	• 47  It is RECOMMENDED that Identity Providers support SAML2 Persistent Identifier as the unique opaque
> 	• 48  identifier for their end users. To ensure proper functioning of (possible) consent modules for attribute release,
> 	• 49  SAML2 Persistent Identifier MUST be placed both in the subject/nameID element and the attribute statement of
> 	• 50  a SAML assertion.


More information about the users mailing list