Subject Re: draft charge, refeds working group on attribute release
From Rhys Smith <smith@xxxxxxxxxxxxx>
Date Tue, 5 Jul 2011 19:09:32 +0100

On 5 Jul 2011, at 19:01, David Chadwick wrote:

> Attribute release is not a one dimensional problem. It is multi-faceted,
> which requires all of the following components at least to be in place
> - user consent

Well, you don't *need* user consent to be in place for attribute release to work. It helps make institutions think they're shifting liability, and helps empower the user, and all that good stuff, but it works perfectly well without it (for some values of perfectly). My users are making use of federated login to internal and external services without a problem without any kind of user consent system in place.

Dr Rhys Smith                                   e: smith@xxxxxxxxxxxxx
Engineering Consultant: Identity & Access Management  (GPG:0xDE2F024C)
Information Services,
Cardiff University,                            t: +44 (0) 29 2087 0126
39-41 Park Place, Cardiff,                     f: +44 (0) 29 2087 4285
CF10 3BB, United Kingdom.                      m: +44 (0) 7968 087 821