Hi Peter,

I support your points.

I agree with Bernd's: "there are obviously different opinions about when "required"
should be used."

I am all in with Meshna and Jos that FIM4L recommendations need to be modified now
to play nicely with new REFEDS entity categories proposed by Seamless Access.

We also need to revisit:
"eduPersonEntitlement, with other values, representing group or role memberships in alignment 
with AARC Guidelines on expressing group membership and role information"
in FIM4L's recommendations. This is currently used at Prague's Charles University, for example,
to describe users' faculty affiliations, and it provides SPs with the information needed for authorisation
when there are licences for faculty students and staff. It is not clear in the REFEDS entity categories
specs how SPs are supposed to authorise faculty, campus, department users.

Cheers

          Jiri


On Wed, Mar 17, 2021 at 6:45 PM Peter Schober <peter.schober@univie.ac.at> wrote:
I can neither understand what you're trying to say nor what this has
to do with the specific message you are replying to (which was about
Jos' statement about maybe adopting use of the "anonymous"
terminology which I advise against).
-peter

Full quote below because I wouldn't know what to quote.

* Jiri Pavlik <jiri.pavlik@techlib.cz> [2021-03-17 18:24]:
> Hi,
>
> at the REFEDS entity categories specs there is:
>
> "Service Providers SHOULD limit their data requirements to the bundle of
> attributes defined in Section 4."
>
> at 5. Service Provider Requirements paragraph.
>
> IMHO it leaves room for FIM4L to specify whether samlPairwiseID,
> eduPersonScopedAffiliation, eduPersonEntitlement should be requested by
> SPs as required or optional. And what required and optional actually
> mean for the attribute release from IdPs to SPs :-)
>
> Best
>              Jiri
>
>
>
> On Wed, Mar 17, 2021 at 9:43 AM Peter Schober <peter.schober@univie.ac.at>
> wrote:
>
> > * Jos Westerbeke <jos.westerbeke@eur.nl> [2021-03-17 09:31]:
> > > We (on this FIM4L list) have chosen (early 2019) not to use the word
> > > anonymous because it pretends that you are anonymous, which is not,
> > > or at least disputable.
> >
> > There is no such thing as an anonymous federated login.
> > So this terminology serves to confuse more if anything.
> >
> > -peter
_______________________________________________
FIM4L mailing list
FIM4L@lists.daasi.de
http://lists.daasi.de/listinfo/fim4l