Shibboleth Developers

["Alistair Young" <>]

> Why wouldn't Amazon store my sales history with them? That's personal
> information, but it certainly doesn't belong at my IdP.
agreed. The point seems to be that in the IRS type scenario, Amazon
wouldn't trust your IdP to assert your ePTID. In which case there's no
case for an IdP at all and the untrusting SP should just handle it's own
authentication, as Amazon does.

Alistair


-- 
Alistair Young
Senior Software Engineer
UHI@Sabhal
 Mòr Ostaig
Isle of Skye
Scotland

> Alistair Young wrote:
>>>if they are trying to access personal information at the SP.
>>
>> I'm curious. Why would a user have personal information stored outwith
>> their IdP? Is it personal information in the sense that they created it,
>> say an ePortfolio or something, or personal information in the sense of
>> attributes, i.e. name/address etc?
>
> Why would an IdP store every piece of information that an SP cares
> about? That's unlikely.
>
> Why wouldn't Amazon store my sales history with them? That's personal
> information, but it certainly doesn't belong at my IdP.
>
> -- Scott
>