IdPv3 and generating persistent NameID
Mads Freek Petersen
freek at wayf.dk
Fri May 1 12:15:10 EDT 2015
Hi Scott
> On 01 May 2015, at 18:04, Cantor, Scott <cantor.2 at osu.edu> wrote:
> There’s no current proposal to remove it, but deprecating it now is a signal that we want to.
That would make shib users unable to meet the obligations of eduGAIN:
> • 47 It is RECOMMENDED that Identity Providers support SAML2 Persistent Identifier as the unique opaque
>
> • 48 identifier for their end users. To ensure proper functioning of (possible) consent modules for attribute release,
>
> • 49 SAML2 Persistent Identifier MUST be placed both in the subject/nameID element and the attribute statement of
>
> • 50 a SAML assertion.
http://services.geant.net/edugain/Resources/Documents/GN3-11-012%20eduGAIN_attribute_profile.pdf
-Mads
More information about the users
mailing list