Subject Re: use of eduPersonEntitlement
From Keith Hazelton <hazelton@xxxxxxxx>
Date Tue, 14 May 2013 13:59:57 -0500

Thanks, Rod.

Our current interest in this topic comes from an ongoing discussion of the stubborn fact that identifying an organizational entity cannot be reduced to looking up the SAML entityId of the IdP.

The reason for looking at ePEntitlement is that under many of the use cases where organizational identifier seems to be what is wanted, what is actually called for is an identifier for a service contract between two parties that can be expressed for each user to whom it should apply.

On May 14, 2013, at 13:50 , Rod Widdowson <rdw@xxxxxxxxxxxxxxxxxxxx> wrote:

> It is used within the UK federation (it's one of only 4 core attributes
> mentioned in the technical recommendations for participants).  But I
> wouldn't like to say how widely.  I would imagine that there is little
> centralized control of mandating of it, thatís not the nature of the beast..
> Ian, who would be the authoritative source to answer this for the UK is out
> on vacation this week.  If he doesn't see this and respond next week I'll
> poke him.
>> -----Original Message-----
>> From: Keith Hazelton [mailto:hazelton@xxxxxxxx]
>> Sent: 14 May 2013 19:00
>> To: REFeds
>> Subject: [refeds] use of eduPersonEntitlement
>> An email thread here has me wondering whether IdPs outside InCommon
>> tend to make much use of the eduPersonEntitlement attribute.
>> Any data points welcome.
>>      --Keith Hazelton