[Fim4l] [refeds] Deprecating eduPersonTargetedID
peter.schober at univie.ac.at
Fri Apr 5 17:37:17 CEST 2019
* Jiri Pavlik <jiri.pavlik at mzk.cz> [2019-04-05 16:58]:
> could you comment, please, on eduPersonTargetedID as requested
> attribute at Elsevier SP in eduID.at metadata? -
What is it you're asking speficically? Why the Elsevier SAML SP as
registered in eduID.at lists eduPersonTargetedID as a requested
If no existing SP in the world were still using eduPersonTargetedID we
wouldn't be having these discussions, would we? So obviously there
are SPs that use ePTID today, even in the federation I operate.
If you could clarify what the question is I can try to be more
specific, instead of having to guess what contradiction you're looking
for (or whatever).
[ Of course looking closer at our metadata you'd see that we also
modified our copy to contain a NameIDFormat element with 'persistent'
listed first. So any Shibboleth IDP that supported the SAML2 standard
NameIDs -- not the eduPerson legacy attribute -- would work with that
SP just fine using proper persistent NameIDs. I.e., none of our IDPs
have to send eduPersonTargetedID to that SP to make it work.)
In case this is still not clear: The ongoing activity to deprecate
eduPersonTargetedID will not magically make it disappear from
established SPs, nor will it forbid its continued use.
But what it will do is prevent new guideline documents being written
such as FIM4L's from claiming to support or establish or adhere to
Best Current Practices and international standards while at the same
time perpetuating or even recommending use of attributes that should
not be used per those very standards.
That's what I'm after: To avoid new standards from being created that
cement use of obsolete legacy technology even if that legacy
technology is still being used today. (Otherwise why bother?)
More information about the FIM4L