Consider approaches, criteria, functional requirements, etc. appropriate to address each case
We know that there are several actual solutions that have been developed. Where you have a solution we can also just identify it and we can map backward to its attributes when we summarize this information.
In general, the issues of external identities do not depend on protocols, but supported protocols are an important aspect of external identity providers.
Support for consent (and, in general, privacy protection for the user)
Stability of identifiers
Account linking / invitation
Use case from Dedra: Almuni invited to log in to a service with a social identity. A gateway could assert a unique Alumni ID that's been linked to the social identity.
Difference between copying attributes between accounts/IdPs, linking attributes and linking identifiers/credentials
Alumni model vs. parent model: Difference of who can invite, whether the institution cares, and what authorizations are provided.
Some of these characteristics are aspects of the external identity provider, and some are aspects of how the integration with the local IdMS is done.
Next steps
Dedra will write up her use case
Guidance on risk analysis
Recommendations on where InCommon should put resources
Homework for next call: Provide feedback on risks, concerns, for each use case in the matrix. Submissions can be directly in the wiki matrix, as comments, via email to the list or to Eric, and we’ll collate and update the matrix with final info.