
edugain-discuss - Re: [eduGAIN-discuss] [refeds] Re: mari plan & next steps

edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

  • From: Peter Schober <peter.schober AT univie.ac.at>
  • To: REFEDS <refeds AT terena.org>, "edugain-discuss AT geant.net" <edugain-discuss AT geant.net>
  • Subject: Re: [eduGAIN-discuss] [refeds] Re: mari plan & next steps
  • Date: Wed, 29 Oct 2014 16:26:42 +0100
  • Authentication-results: prod-mail.geant.net (amavisd-new); dkim=pass header.i= AT univie.ac.at
  • List-archive: <https://mail.geant.net/mailman/private/edugain-discuss/>
  • List-id: eduGAIN discussion list <edugain-discuss.geant.net>
  • Organization: ACOnet

* Kristof Bajnok <bajnokk AT niif.hu> [2014-10-29 16:19]:
> Basically I like the idea. Can you please add a couple of other
> examples? From the top of my head:
> - "Any ID" -> eppn, eptid, persistent NameID, schacPersonalUniqueCode,
> auEduPersonSharedToken

I would have hoped for Entity Categories to solve that, basically.

> - "phone" -> mobile, telephoneNumber ?
> - "address" ??? (if something needs it, it likely needs more specific
> information, such as shipping address, residential address, etc)

I've never seen an SP needing these and certainly none of our IDPs
even have the info available, e.g. for students.

I'm happy as the next person to see a rich attribute ecosystem emerge,
but so far I feel the only somewhat interoperable and
can-be-assumed-to-exist attributes in interfederation use (i.e., not
your locally defined attributes within a single closed community or
federation) are the ones I mentioned here[1]:

Name attributes
  displayName (urn:oid:2.16.840.1.113730.3.1.241)
  givenName (urn:oid:2.5.4.42)
  sn/surname (urn:oid:2.5.4.4)
Identifiers
  eduPersonTargetedID (a.k.a. SAML2 persistent NameID,
    urn:oid:1.3.6.1.4.1.5923.1.1.1.10)
  eduPersonPrincipalName (urn:oid:1.3.6.1.4.1.5923.1.1.1.6)
  mail (urn:oid:0.9.2342.19200300.100.1.3)
Authorization
  eduPersonScopedAffiliation (urn:oid:1.3.6.1.4.1.5923.1.1.1.9)
  eduPersonEntitlement (urn:oid:1.3.6.1.4.1.5923.1.1.1.7)
Organizational data
  schacHomeOrganization (urn:oid:1.3.6.1.4.1.25178.1.2.9)

[1] "Make attributes available",
    https://wiki.univie.ac.at/display/federation/Preparing+an+IDP+for+Interfederation

Cheers,
-peter
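
Added example, not part of the message above and not code from its author: a small audit of a SAML 2.0 AttributeStatement against the attribute list in the message, reporting which listed attributes an IdP did not release and which released attributes fall outside the list. The function name `audit_release`, the sample statement and the telephoneNumber entry (urn:oid:2.5.4.20) are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = "urn:oasis:names:tc:SAML:2.0:assertion"
# OIDs, names and groups as listed in the message above.
BASELINE = {
    "urn:oid:2.16.840.1.113730.3.1.241": ("Name attributes", "displayName"),
    "urn:oid:2.5.4.42": ("Name attributes", "givenName"),
    "urn:oid:2.5.4.4": ("Name attributes", "sn"),
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.10": ("Identifiers", "eduPersonTargetedID"),
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.6": ("Identifiers", "eduPersonPrincipalName"),
    "urn:oid:0.9.2342.19200300.100.1.3": ("Identifiers", "mail"),
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.9": ("Authorization", "eduPersonScopedAffiliation"),
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.7": ("Authorization", "eduPersonEntitlement"),
    "urn:oid:1.3.6.1.4.1.25178.1.2.9": ("Organizational data", "schacHomeOrganization"),
}
# Constructed sample (not from a real IdP): mail is present but empty,
# eduPersonTargetedID carries a nested NameID, telephoneNumber is extra.
SAMPLE = f"""<s:AttributeStatement xmlns:s="{NS}">
<s:Attribute Name="urn:oid:2.16.840.1.113730.3.1.241"><s:AttributeValue>Ada Example</s:AttributeValue></s:Attribute>
<s:Attribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10"><s:AttributeValue>
  <s:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">opaque-constructed-id</s:NameID>
</s:AttributeValue></s:Attribute>
<s:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3"><s:AttributeValue/></s:Attribute>
<s:Attribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9"><s:AttributeValue>member@example.org</s:AttributeValue></s:Attribute>
<s:Attribute Name="urn:oid:2.5.4.20"><s:AttributeValue>+43 1 0000</s:AttributeValue></s:Attribute>
</s:AttributeStatement>"""

def audit_release(statement_xml):
    """Return (missing, extra): unreleased baseline names per group, and
    released attribute names (OIDs) that are outside the baseline list."""
    released = set()
    for attr in ET.fromstring(statement_xml).iter(f"{{{NS}}}Attribute"):
        values = attr.findall(f"{{{NS}}}AttributeValue")
        # itertext() also sees text inside a nested NameID; an attribute
        # that has only empty values does not count as released.
        if any("".join(v.itertext()).strip() for v in values):
            released.add(attr.get("Name"))
    missing = {}
    for oid, (group, name) in BASELINE.items():
        if oid not in released:
            missing.setdefault(group, []).append(name)
    return missing, sorted(released - set(BASELINE))

if __name__ == "__main__":
    print(audit_release(SAMPLE))
```

The function only inspects an already decoded statement, for example from an IdP test login; it performs no signature or condition validation and does not replace the SP's SAML stack.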




