Skip to Content.
Sympa Menu

shibboleth-dev - RE: Fwd: More detailed Grid scenarios

Subject: Shibboleth Developers

List archive

RE: Fwd: More detailed Grid scenarios


Chronological Thread 
  • From: Scott Cantor <>
  • To: "'David L. Wasley'" <>, 'Von Welch' <>
  • Cc:
  • Subject: RE: Fwd: More detailed Grid scenarios
  • Date: Tue, 20 Jan 2004 15:01:17 -0500
  • Importance: Normal
  • Organization: The Ohio State University

> Therefore, if you want a VO to "borrow" a persistent identifier for
> members of a Grid community, you have to use the EPPN known to the
> member's HO. The Grid applications can map that EPPN to a Grid
> identity. Better yet - the Grid member can be known by their HO EPPN
> from the git go. I see no motivation at all to ask every Home Org to
> store additional identifiers for use in other domains.

Well, the obvious reason is the one Liberty has, namely to allow the VO to
function with some relationship to its users independent of their HO or of
the user changes HO's. That requires a persistent identifier owned/managed
by the VO, and Liberty (and SAML) aim to link the two.

In Liberty's case, it's a business (I guess a CRM) justification to not let
the HO "own" the relationship with the "customer". Obviously that driver may
not apply here.

-- Scott




Archive powered by MHonArc 2.6.16.

Top of Page