shibboleth-dev - RE: [Shib-Dev] SHIB Status call -- 8/11/2008) -- 12:00 pm EDT, 9 am PDT
Subject: Shibboleth Developers
List archive
- From: Peter Williams <>
- To: "" <>
- Subject: RE: [Shib-Dev] SHIB Status call -- 8/11/2008) -- 12:00 pm EDT, 9 am PDT
- Date: Mon, 11 Aug 2008 08:42:44 -0700
- Accept-language: en-US
- Acceptlanguage: en-US
|
-- for cases that would
traditionally be handled by OpenID, but no OpenID sites currently support
attributes (Scott's OpenID case) Could you perhaps explain that last
part of the claim? Perhaps the term "attributes"
, or the act of "supporting" attributes, has a very special (non-obvious)
Shib-community meaning? …one that invokes the Shib “control
doctrine”, perhaps? I can easily show my OpenID provider
sending LDAP-style attributes to a Google-branded weblog site; and I can show I
consented to that release of a particular subset of my LDAP-style attributes on
either a automated or per-use basis. What I cannot show is that some “control
authority” (e.g. InCommon) authorized or in any way governs their
release, mainly since - in OpenID - I am the only control and governing authority.
The notion of a control authority other than me really doesn’t exist, in
OpenID doctrine. Of course, nothing stops a given implementation adding inter-domain
guard functions that enforce information flow controls. |
- SHIB Status call -- 8/11/2008) -- 12:00 pm EDT, 9 am PDT, Steven Carmody, 08/11/2008
- RE: [Shib-Dev] SHIB Status call -- 8/11/2008) -- 12:00 pm EDT, 9 am PDT, Peter Williams, 08/11/2008
- RE: [Shib-Dev] SHIB Status call -- 8/11/2008) -- 12:00 pm EDT, 9 am PDT, Scott Cantor, 08/11/2008
- RE: [Shib-Dev] SHIB Status call -- 8/11/2008) -- 12:00 pm EDT, 9 am PDT, Peter Williams, 08/11/2008
Archive powered by MHonArc 2.6.16.