Refeds


Subject Re: mari plan & next steps
From Niels van Dijk <niels.vandijk@xxxxxxxxxx>
Date Thu, 30 Oct 2014 09:25:12 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 29-10-14 16:06, Peter Schober wrote:
> I'd be interested in more (any, really) concrete examples of that
> kind of breakage, to substantiate the claim of the massive scope of
> that problem.  (I'm probaby just lacking that experience, and
> imagination.)

As an exmaple: I am currently building a service for eduGAIN that
needs a persistent identifier for a user. My choices are:
1) SAML persistent NameID (preferred)
2) edupersontargetedid
3) eduersonperinciplename

Neither of these is available in all federations connected to eduGAIN.

Not a problem, I can programm around that. But I have no means of
expressing that I need either of them in metadata. The only currently
correct way of expressing this is to ask for a persistent NameID and
have the two attributes as optional. This might actually lead to
getting none.

cheers
Niels
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJUUfXoAAoJECCFeCvee7L1D4wP/3ooOMdB+TGj8HNadyzs5maa
FkwAF0T5kDpZVx6Ca0IDulkGXxibaVxzMxQw1QiYW81/cMoTyYvgjjV7Vz6ylRu0
VaFxKKKfcEeArgqhu0tnHVYszyESma1VipxdgCogQOOu+LpYdrqVQK/Lz5fxfZdU
AF4veJyCK2eQ48Dt292fC6iH+W+UqvddTz0MoUQ3BFCCJxmz65SohQvp7A96C/8Q
Ja9FcDCT1dzZ/pw6oNDtAqwn6Ka7Plm1PnxsdUrz0AHKTAb6QXN0nXIRIGv+dCAQ
vIfkqnuRECQEtm7JkbA8ubQTyQbrJFrX4f7FpRlDVWYHUxTCrZfJMdhp9TiczmdS
OC0rC/HZo2wbO/q5Rvo8WGGFAp7x1H47xc2cmmvnbvzKo5W2g2244jU7eJ0f4DnG
JoV9gd6cc0U9yEAbor7p6DTPxBbqITUENkj5jGySM8EZCtL77u0g9rimOFYLpMge
FALJjU/TzzsHGasq2yV0ft/8euJwOwag+qcRXmQsL0z7g44Ag0Pi9wV9NPSYttsL
L3l8J2G+QZeGtQaY2PfmAh9V60rDXLqkZCsxjbUWjSR7Pi2hM9W684E2SYRvo4i8
ip4XD1P+cHfPU4EX0IQpnUldwr8czNVRMeJ2e/U37EnGmF+tjvCK/+zy7a2j3GIt
8qJ/eBwG+ivqoDZU8ITx
=2BOr
-----END PGP SIGNATURE-----