Refeds


Subject Re: Re: [MACE-Dir] eduPersonSubjectIDGUID
From Peter Schober <peter.schober@xxxxxxxxxxxx>
Date Thu, 22 Oct 2015 19:17:03 +0200

* Nick Roy <nroy@xxxxxxxxxxxxx> [2015-10-22 18:27]:
> Is it time for a new eduPerson attribute along the lines of
> "eduPersonSubjectIDGUID" (or whatever you want to call it) which is
> just a permanent-per-person, portable, non-reassignable, globally
> unique and non-scoped type 4 UUID?

I'm not aware of some of the issues with current identifiers you hint
at, but are we not confronted with several proposals for wide-scale
deployment of omni-directional (non-targeted, correlatable)
identifiers these days?  Both eduPersonUniqueID as well as ORCID seem
to fill most of that (percieved) gap? ORCID also comes with an
authentication service, possibly linked to existing federated
identities.

I have not yet taken the time to fully understand the part about the
linking service and IDP of last resort, but I take it that's a
consequence of your permanent-per-person / portable requirement?
  Much like the auEduPersonSharedToken[1], which IIRC was defined to be
portable from one institution to another, though I have yet to hear a
secure process for doing that?
  So in order to avoid the issues of communicating identifiers between
institutions the subjects themselfs now need to take care of that by
linking accounts in time (while they can)?

Anyway, maybe a bit early for a cross-post to REFEDS...

Best regards,
-peter

[1] http://wiki.aaf.edu.au/tech-info/attributes/auedupersonsharedtoken