interfed - Re: [inc-interfed] attribute release from the EU .....
Subject: Interfederation
List archive
- From: "Cantor, Scott" <>
- To: "" <>
- Subject: Re: [inc-interfed] attribute release from the EU .....
- Date: Sat, 8 Jun 2013 17:09:36 +0000
- Accept-language: en-US
- Authentication-results: sfpop-ironport04.merit.edu; dkim=neutral (message not signed) header.i=none
On 6/8/13 5:45 AM, "Scott Koranda"
<>
wrote:
>
>It has been an issue to some extent. Cardiff is only releasing an
>opaque ePPN instead of an ePPN that identifies the user.
EPPN doesn't require non-opacity, though. We don't have any actual
identifiers that do, including (though far less likely) email addresses.
>I have plans to "fix" this problem using COmanage to enroll the user,
>consume proper identifiers self-asserted by the users, map them to the
>opaque ePPN, and then make them available from a SAML attribute
>authority. That work is ongoing.
That seems like it opens you up to the problem of users socially spoofing
other users. Perhaps you have a closed community and it's not a concern.
-- Scott
- [inc-interfed] attribute release from the EU ....., Steven Carmody, 06/07/2013
- Re: [inc-interfed] attribute release from the EU ....., Scott Koranda, 06/08/2013
- Re: [inc-interfed] attribute release from the EU ....., Cantor, Scott, 06/08/2013
- Re: [inc-interfed] attribute release from the EU ....., Scott Koranda, 06/08/2013
- Re: [inc-interfed] attribute release from the EU ....., Cantor, Scott, 06/08/2013
- Re: [inc-interfed] attribute release from the EU ....., Basney, Jim, 06/10/2013
- Re: [inc-interfed] attribute release from the EU ....., Steven Carmody, 06/11/2013
- Re: [inc-interfed] attribute release from the EU ....., Scott Koranda, 06/08/2013
Archive powered by MHonArc 2.6.16.