On 15/05/2019, 12:07, "FIM4L on behalf of Peter Schober" <fim4l-bounces@lists.daasi.de on behalf of peter.schober@univie.ac.at> wrote:
5.a would be something like the "privacy star"
5.b would then maybe be something like "subject tracking and personalisation possible" (so spelling out the danger right away with the possible feature)
Great! I just quoted this into the document;)
I'm still abit undecided wrt optional data but I think all that should then come from the subject herself: We help enable that by making a stable but pseudonymous identifier available, the rest should be up the SP and the subject. So 5.b probably only differs in the identifier from 5.a.
Yes, I think so.
If 5.b comes in one SAML connection together with 5.a (like the most wanted option 4, Peter S., May 13th) then a choice (of releasing a stable identifier) has to be made by 1.) the library beforehand or 2.) user consent at login, for each SAML connection. Right?
cheers, Jos