...

R2. It must have the ability to Assign/Assert ePPNs.
R3. It must have the ability to Assign/Assert ePTIDs or provide a SAML2 persistent NameID if ePPNs are re-assignable.

...

Service providers need a single consistent primary identifier to key off all information about a person. If this key changes, or the same key is subsequently assigned to a different user, then the original person’s settings, history, and related data are lost to them. Requirements R2 and R3, taken together, guarantee that

...

a suitable identifier will be available to the SP.
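The following sketch is an added example, not part of the working group report. It shows an SP keying accounts the way R2 and R3 imply, and what happens when a re-assignable ePPN is used as the key instead. The entity IDs, salt, internal user IDs, the function names and the keyed-hash derivation of the opaque value are all assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed values for illustration; none of them come from the report.
IDP = "https://idp.example.org/idp"
SP = "https://sp.example.com/sp"
SALT = b"constructed-secret-salt"

def eptid(internal_id, sp_entity_id=SP):
    """IdP side: opaque per-SP value derived from an immutable internal ID
    (assumed keyed-hash scheme), rendered as IdP!SP!opaque."""
    msg = f"{sp_entity_id}!{internal_id}".encode()
    opaque = hmac.new(SALT, msg, hashlib.sha256).hexdigest()[:32]
    return f"{IDP}!{sp_entity_id}!{opaque}"

def assertion(internal_id, eppn, release_eptid=True):
    """Attributes the IdP asserts to the SP for one login."""
    attrs = {"eppn": eppn}
    if release_eptid:
        attrs["eptid"] = eptid(internal_id)
    return attrs

def account_key(attrs, eppn_reassignable):
    """SP side: choose the primary key for a user's record."""
    if not eppn_reassignable:
        return ("eppn", attrs["eppn"])      # R2 alone is sufficient
    if "eptid" in attrs:
        return ("eptid", attrs["eptid"])    # R3 covers reassignment
    raise ValueError("ePPN is re-assignable and no persistent ID was released")

def reassignment_demo():
    """The same ePPN issued to two different people over time."""
    first = assertion("uid-1001", "jdoe@example.org")
    later = assertion("uid-2002", "jdoe@example.org")  # ePPN recycled
    naive, keyed = {}, {}
    naive[first["eppn"]] = "first holder's history"
    keyed[account_key(first, True)] = "first holder's history"
    return {
        "naive_leaks": naive.get(later["eppn"]) is not None,
        "keyed_leaks": keyed.get(account_key(later, True)) is not None,
        "first_still_found": account_key(first, True) in keyed,
    }

if __name__ == "__main__":
    print(reassignment_demo())
```
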

R4. It must accept SP requests for authentication contexts via the standard SAML2 Authentication Request Protocol.

...