shibboleth-dev - RE: TargetedID Durability

Subject: Shibboleth Developers

List archive

RE: TargetedID Durability

From: "Scott Cantor" <>
To: <>
Subject: RE: TargetedID Durability
Date: Mon, 1 Aug 2005 14:11:38 -0400
Organization: The Ohio State University

> In the case of Shibboleth authentication, the information that we could
> provide back might be the ePTID (assuming there is no other personal
> information in the original SAML assertion). We would expect that the
> institution would keep a reasonable history of user<->ePTID associations
> so that they can (internally) identify the transgressor.

In fact, we already incorporated the ability to log transactionally who is
assigned what transient identifier during authentication (what we called
handles). We knew this was a basic requirement, privacy aside.

So you can do it now without even using TID or having a history of them.

Of course, a site can simply turn off this logging, or delete them, but
that's up to policy, the same as this.

-- Scott

Re: TargetedID Durability, Chad La Joie, 08/01/2005
- Re: TargetedID Durability, David L. Wasley, 08/01/2005
  - Re: TargetedID Durability, Chad La Joie, 08/01/2005
  - Re: TargetedID Durability, Spencer W. Thomas, 08/01/2005
    - RE: TargetedID Durability, Scott Cantor, 08/01/2005
      - Re: TargetedID Durability, Spencer W. Thomas, 08/01/2005
    - Re: TargetedID Durability, David L. Wasley, 08/01/2005
      - RE: TargetedID Durability, Scott Cantor, 08/01/2005
        
        RE: TargetedID Durability, David L. Wasley, 08/01/2005
        
        RE: TargetedID Durability, Scott Cantor, 08/01/2005
- <Possible follow-up(s)>
- RE: TargetedID Durability, Steven_Carmody, 08/01/2005
  - RE: TargetedID Durability, Scott Cantor, 08/01/2005
- RE: TargetedID Durability, David L. Wasley, 08/01/2005
  - Re: TargetedID Durability, Chad La Joie, 08/01/2005

List archive

RE: TargetedID Durability