Shibboleth Developers

["Scott Cantor" <>]

> It wasn't duplicated text for me.  Maybe it belongs in core, I don't
> know, but I'd sure hate to lose it altogether.

I considered it just a paraphrase of the AllowCreate definition text in
core, but maybe the wording there needs work.

> Then I would argue that AllowCreate will be used more often than not. 
> It may not be necessary in the example I posted earlier, but it's
> surely not a "rare" attribute.

Well, that's a point. That's why I flagged the attribute as "needing
discussion" for our purposes. My sense is that we'll want to come up with a
fancy justification to leave it out, but in any case, my original suggestion
was that it would be rare to combine it with an email address, not with
transient. You might just use transient, in fact.

-- Scott