shibboleth-dev - RE: [Shib-Dev] SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9am PDT
Subject: Shibboleth Developers
List archive
- From: "RL 'Bob' Morgan" <>
- To: Shibboleth Dev Team <>
- Subject: RE: [Shib-Dev] SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9am PDT
- Date: Tue, 10 Jun 2008 11:49:28 -0700 (PDT)
There is an argument that the consent-based approach is neither desirable nor necessary within an educational context.
Not really the right list for this, but to add to Scott's answer ...
Indeed under FERPA in the US many situations are "legitimate educational use" where "education record" information may be provided to recipients without requiring student consent, and without regard to the student's privacy preferences. But many situations where federated authentication is of interest aren't "legitimate educational use", eg access to Microsoft's DreamSpark or more generally
https://spaces.internet2.edu/display/InCCollaborate/Enrollment+verification
or many collaborative scenarios, etc, etc. If we restrict the use of university-IdP federation (for students) to only those services strictly needed for instruction I think we'll be missing lots of opportunities.
(we also emphasise only releasing ePTID and ePSA, which are not affected by this legislation, and so there should be very few instances where an Institution actually needs to think about this).
In the US I don't think the situation regarding FERPA and ePTID and ePSA is clear, though in one case the UW registrar agreed to these being provided to a third-party, in a non-legitimate-use scenario, without requiring consent (where providing email address, which the vendor wanted, would have required consent). But in any case it's the same story: restricting the identifiers available to only ePTID will make many collaboration scenarios difficult enough that RPs will give up on federation and fall back to plain old accounts. That is, abandoning the capability of federated signon to provide useful data like name and email address eliminates much of the value of the scheme, for some apps at least.
We do have a ways to go to make consent generally available, but I don't think we have any choice but to get there, for students and everyone else.
- RL "Bob"
- SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9 am PDT, Steven_Carmody, 06/09/2008
- Re: [Shib-Dev] SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9 am PDT, Chad La Joie, 06/09/2008
- RE: [Shib-Dev] SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9 am PDT, Peter Williams, 06/09/2008
- Re: SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9 am PDT, Scott Cantor, 06/09/2008
- RE: [Shib-Dev] Re: SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9 am PDT, Peter Williams, 06/09/2008
- RE: [Shib-Dev] Re: SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9 am PDT, Scott Cantor, 06/09/2008
- RE: [Shib-Dev] Re: SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9 am PDT, Peter Williams, 06/09/2008
- Re: SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9 am PDT, Scott Cantor, 06/09/2008
- Re: [Shib-Dev] SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9 am PDT, Peter Schober, 06/10/2008
- Re: [Shib-Dev] SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9 am PDT, Chad La Joie, 06/10/2008
- RE: [Shib-Dev] SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9am PDT, Josh Howlett, 06/10/2008
- RE: [Shib-Dev] SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9am PDT, Scott Cantor, 06/10/2008
- RE: [Shib-Dev] SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9am PDT, RL 'Bob' Morgan, 06/10/2008
- RE: [Shib-Dev] SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9am PDT, Josh Howlett, 06/10/2008
- RE: [Shib-Dev] SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9am PDT, Scott Cantor, 06/10/2008
- RE: [Shib-Dev] SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9am PDT, Josh Howlett, 06/10/2008
- RE: [Shib-Dev] SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9 am PDT, Peter Williams, 06/09/2008
- Re: [Shib-Dev] SHIB Status call -- 6/9/2008) -- 12:00 pm EDT, 9 am PDT, Chad La Joie, 06/09/2008
Archive powered by MHonArc 2.6.16.