Shibboleth Developers

[Chad La Joie <>]

The items in metadata that you identified are there because the SP is
the "owner" of that data but the DS and IdP are expected to display it.
 I'm not sure terms of use is the same thing.  Why can't the SP display
their own terms?  In addition, isn't the point of display something like
a ToU the expectation that people will agree to it and that that
agreement will be tracked?  The SP wouldn't be able to verify that that
occurred or get access to the user's agreement information even if it
did happen.

If it helps the ToU module in IdPv3 will be able to display a default
ToU page or a SP-specific one.  However, in either case the idea is that
it is the IdP's terms of use (which may or may not be affected by the SP
in use).

On 2/17/11 12:46 AM, Nate Klingenstein wrote:
> 1)  They want to express a Terms of Use location that can be displayed
> by an SP.  This is almost-but-not-quite <mdui:PrivacyStatementURL>. 
> Something like <mdui:TermsOfUseURL> would be ideal, and that's probably
> a superset that can cover <mdui:PrivacyStatementURL>.  If there's
> another field I'm overlooking, that'd be great, but otherwise I'll
> submit the comment to the SSTC and they'll probably repurpose
> <mdui:PrivacyStatementURL>.
> 
> AFAIK, SWITCH's uApprove uses a canned ToU file that is general to all
> SP's and probably represents different legal requirements.  Would
> uApprove want to support behavior like this?

-- 
Chad La Joie
http://itumi.biz
trusted identities, delivered