Shibboleth Developers

[Chad La Joie <>]

Yeah, this has been brought up before.  I'll address it in the email I 
send out about the consent engine.  I'll do that one next week.

On 6/3/10 11:28 AM, Peter Schober wrote:
> * Chad La 
> Joie<>
>   [2010-06-02 20:38]:
> > - Implement a new filter plugin that can use information in an attribute
> > query and metadata to determine if attributes should be released.  The
> > general use case behind this is to allow service providers to ask for
> > particular attributes and have the IdP release what they ask for.  The
> > implicit assumption is that either other policies will be in place to
> > control the release of truly sensitive data or that user-approved
> > attribute release consent (e.g. uApprove) would be used.
>
> Speaking of consent: I have no idea what is involved here (or whether
> it might even be possible today, but I doubt it is) but it would be
> great if the "flow" would be such, that it would be possible for a (or
> preferrably: the one that comes integrated with the Shib IdP) consent
> module to let people opt-in or opt-out to the release of specific
> attributes (or values) and only then generate the signed and encrypted
> assertion.
> See also
> http://tnc2010.terena.org/schedule/posters/index.php?poster_id=19
> for an existing implementation.
> -peter

--
Chad La Joie
http://itumi.biz
trusted identities, delivered