Hi all,
Please read following article:
https://elephantinthelab.org/when-your-journal-reads-you/
What about the idea to write an official FIM4L response?
I think we can note that:
* It is time that libraries indeed need to fight this problem.
* Both libraries and publishers should work on this.
* SSO authentication methods can be used to reach the goal of better privacy, rather than IP-based authentication.
* Libraries and publishers need to work together on protecting users' privacy.
* We need to work together towards a new trust model anchored in a contract.
* Only together we can make a safe 'information journey' for researchers and students.
* We need each other, even when articles are published in Open Access. We can create a safe logon and can agree on a contractual basis that a publisher provides a safe journey for an authenticated user, rather than not authenticated users who are exposed to whatever the publisher is looking for.
All the best,
Jos
Jos Westerbeke
Library IT specialist/manager | Erasmus University Rotterdam, Library | Burgemeester Oudlaan 50 | 3062PA Rotterdam | jos.westerbeke(a)eur.nl<mailto:jos.westerbeke@eur.nl> | +31 640295513
Hi Bernd,
I see,
eduPersonScopedAffiliation (required)
eduPersonEntitlement (required)
is working for Freiburg University and
eduPersonScopedAffiliation (required)
eduPersonEntitlement (required)
eduPersonTargetedID (required)
is not.
The university students and staff are free to use personalisation at Lexis
Nexis,
Elsevier, EBSCO, ProQuest services if they want to so
eduPersonScopedAffiliation (required)
eduPersonEntitlement (required)
eduPersonTargetedID (optional)
is working for the University as well.
Is it correct?
All the best
Jiri
>
>> On Sat, Mar 13, 2021 at 2:40 PM Bernd Oberknapp <bo(a)ub.uni-freiburg.de>
>> wrote:
>>
>>> Hi Jiri,
>>>
>>> On 13.03.21 09:15, Jiri Pavlik wrote:
>>>
>>> > When checking ProQuest SP for ProQuest Central in DFN-AAI metadata [1]
>>> > I can see both eduPersonEntitlement and eduPersonTargetedID as
>>> required
>>> > attributes.
>>>
>>> I assume you mean the SP
>>> https://shibboleth-sp.prod.proquest.com/shibboleth? That's obviously
>>> wrong, both eduPersonScopedAffiliation and eduPersonEntitlement are
>>> supported for authorization, but as far as I can tell you don't have to
>>> use them, and eduPersonTargetedID isn't required.
>>>
>>> > Is it safe to assume that if there is personalisation capability at a
>>> > library service then all German universities, libraries are fine with
>>> > releasing eduPersonTargetedID for recognising returning users and
>>> > eduPersonEntitlement, eduPersonScopedAffiliation for authorisation?
>>>
>>> No. I can't speak for other IdPs, but in my opinion that approach would
>>> be wrong, users by default should be able to use services anonymously,
>>> without being recognized as a returning user. Based on what I can see in
>>> the admin tools, only a very small percentage of our users actually uses
>>> the personalization features, so releasing eduPersonTargetedID by
>>> default just for personalization isn't an option. If publishers would
>>> force us to send an eduPersonTargetedID just for personalization I would
>>> consider dropping Shibboleth for those publishers and using our EZproxy
>>> instead.
>>>
>>> Best regards,
>>> Bernd
>>>
>>> --
>>> Bernd Oberknapp
>>> Gesamtleitung ReDI
>>>
>>> Albert-Ludwigs-Universität Freiburg
>>> Universitätsbibliothek
>>> Platz der Universität 2 | Postfach 1629
>>> D-79098 Freiburg | D-79016 Freiburg
>>>
>>> Telefon: +49 761 203-3852
>>> Telefax: +49 761 203-3987
>>> E-Mail: bo(a)ub.uni-freiburg.de
>>> Internet: www.ub.uni-freiburg.de
>>>
>>>
