Subject Re: [eduGAIN-discuss] mari plan & next steps
From Peter Schober <peter.schober@xxxxxxxxxxxx>
Date Wed, 29 Oct 2014 17:52:52 +0100

* Cantor, Scott <cantor.2@xxxxxxx> [2014-10-29 17:42]:
> One reason RequestedAttribute still matters is that without a way to use
> that approach, you can't signal required vs. optional, and there are
> federations increasingly looking at per-attribute consent, rightly or
> wrongly.

Interesting. So meta-attribute names are really about reviving the
isRequired="true|false" flag (and thereby reviving RequestedAttributes
itself), which we've given up on -- mostly because of the inability to
express multiple acceptable alternatives?

I.e. the meta-names would need accompanying specification that would
always say "At least one of the following attributes[1] needs to be
released, if this meta-name is being requested"?

How about "ePPN only if it's not re-assigned, otherwise ePPN+ePTId"?

But then no, seems we cannot request ePPN ever, because the Danish
don't have it? So we'd have to define meta-variants of individual
attributes (fooEduUniqueID eq ePPN eq ...) and then yet
metameta-variants of permutations of those?
That would leave us with *many* such attribute names, though, all of
which would need to be implemented widely at IDPs in order for any of
that to make sense?

[1] givenName+sn counting as one in this example