Refeds


Subject Re: Re: [eduGAIN-discuss] mari plan & next steps
From Peter Schober <peter.schober@xxxxxxxxxxxx>
Date Wed, 29 Oct 2014 16:26:42 +0100

* Kristof Bajnok <bajnokk@xxxxxxx> [2014-10-29 16:19]:
> Basically I like the idea. Can you please add a couple of other
> examples? From the top of my head:
>  - "Any ID" -> eppn, eptid, persistent NameID, schacPersonalUniqueCode,
> auEduPersonSharedToken

I would have hoped for Entity Categories to solve that, basically.

>  - "phone" -> mobile, telephoneNumber ?
>  - "address" ??? (if something needs it, it likely needs more specific
> information, such as shipping address, residential address, etc)

I've never seen an SP needing these and certainly none of our IDPs
even have the info available, e.g. for students.

I'm happy as the next person to see a rich attribute ecosystem emerge,
but so far I feel the only somewhat interoperable and
can-be-assumed-to-exist attributes in interfederation use (i.e., not
your locally defined attributes within a single closed community or
federation) are the ones I mentioned here[1]:

Name attributes
  displayName (urn:oid:2.16.840.1.113730.3.1.241)
  givenName (urn:oid:2.5.4.42)
  sn/surname (urn:oid:2.5.4.4)
Identifiers
  eduPersonTargetedID (a.k.a. SAML2 persistent NameID, urn:oid:1.3.6.1.4.1.5923.1.1.1.10)
  eduPersonPrincipalName (urn:oid:1.3.6.1.4.1.5923.1.1.1.6)
  mail (urn:oid:0.9.2342.19200300.100.1.3)
Authorization
  eduPersonScopedAffiliation (urn:oid:1.3.6.1.4.1.5923.1.1.1.9)
  eduPersonEntitlement (urn:oid:1.3.6.1.4.1.5923.1.1.1.7)
Organizational data
  schacHomeOrganization (urn:oid:1.3.6.1.4.1.25178.1.2.9)

[1] "Make attributes available",
    https://wiki.univie.ac.at/display/federation/Preparing+an+IDP+for+Interfederation

Cheers,
-peter