Subject Re: VO challenges - article
From Tom Scavo <trscavo@xxxxxxxxxxxxx>
Date Tue, 27 Oct 2015 12:42:47 -0400

On Tue, Oct 27, 2015 at 12:33 PM, Paul Caskey <pcaskey@xxxxxxxxxxxxx> wrote:
> I agree with that, but would just point out that many IdPs fail to release attributes not because they are recalcitrant, lazy, or anything else, but that the culture common to many institutions (and CIOs) is that taking the risk of automated release (managed by a party that is legally blameless) is not justified by the benefits.
> So, continuing to whine to IT folks about the attribute release problem isn’t going to fix it IMHO.  We need to address the risk/reward argument and drive the conversation in other administrative areas of the institution (registrars, HR, etc).

You're right, Paul, which is why (I think) Nate Klingenstein, John
Bradley, and others are talking about entity attributes signed by the
relying party, not the registrar.