Shibboleth Developers

[Jim Fox <>]

> > The idea that the user seeing their
> > attributes being a problem seems silly to me.
>
> Attributes are statements made about the subject by party A for
> consumption by party B.  I can't see why you'd assume that all such
> attributes should be visible to the subject: an opinion (a credit  
> score,
> or a medical assessment) or something involving more than one data
> subject, for counter-examples.

I'll note that the new Information Card protocols, which are all  
business, go out of their way to make sure the user gets to preview  
all the attributes before they are sent to the SP -- even when those  
attributes are encrypted.  It would be a sorry state of affairs if  
Shibboleth, which started out with an idea of protecting the user,  
now goes the opposite direction and considers its users an enemy from  
whom data must be restricted.

Jim