What is wrong with persistent NameIDs?
What is useful about them?
Should the profile be addressing current practice or desired practice or both?
If the latter, what is that?
What are the implications of case sensitivity on current and desired practice?
What do we do about the fact that everybody else uses email addresses?
Should we promote scoped identifiers (ePPN, ePUId)?
Non-scoped identifiers (SAML2 Persistent NameID, OIDC 'sub' claim) are scoped to the IdP entityID. Is that better or worse than scoped identifiers (which do not depend on the IdP entityID)?