50 likes | 61 Views
Explore Shibboleth federations, prioritize standard attribute releases, and build consistency with Shib-enabled vendors for effective identity management. Join discussions on WAYF, eduPerson attributes, and session models.
E N D
Shib Enable: Taming the beast Ken Klingenstein Director, Internet2 Middleware and Security
Shib-enable • Two lists: • Shib-enable: major Shib federations (UK, US, Germany, Denmark, Netherlands, etc.); primarily library-oriented • Shib-enable-vendor: shib-enable + SP’s • Purpose is to build some consistency, common practices, etc in the use of Shib with content providers and perhaps others (transcripts, NCAA, etc.)
Types of activities • Largely email list discussions • Some coordinated work with major vendors • based on priority list • Advocacy, common standards, etc. • Cross-pollinates with other federation activities
Current issues • WAYF – when to use and what to display • Standard attribute release approaches • eduPersonaffiliation for default • eduPersonTargetedId for stateful anonymous • eduPersonPrincipalName for identity • Session model • Especially multiple attribute releases within a session