An open discussion list for topics related to the eduGAIN interfederation service.

[Peter Schober <peter.schober AT univie.ac.at>]

* Rhys Smith <Rhys.Smith AT jisc.ac.uk> [2014-11-14 22:43]:
> I know it wasn’t meant for this list, but I’m going to stick my oar
> in anyway… ;-)
> 
> Just a quickie - for some IdPs, especially those with an NDS
> heritage or current Novell/NetIQ eDirectory, cn is often equivalent
> to uid rather than displayName (i.e. it’s username rather than real
> name).

+1

While it's possible distinguish between internal attributes (e.g. in
LDAP) and what goes out over the wire (what's eduGAIN's concern) I
also recommended to Niels to just avoid this potential confusion and
just stick with displayName. Esp. for a new profile of some sorts.

eduPerson (named as the source of this attribute in the eduGAIN
attribute profile) also has some notes on inconsistent use, which IMO
should rather lead to not recommending it for any use. (People will
still use it when they have to or can't be bothered with recommendations.)

I haven't ever heard of any actual use-cases that /required/
multi-valued common name, so I'd also prefer eduGAIN only had
displayName in the attribute profile.
(Not that it matters much what's in there, probably.)
But for new community standards and profiles I'd definitively start
with less choice for pretty much equivalent/identical use-cases.
-peter