[Tf-aai] IdP blacklist proposal
Kai Zimmer
zimmer at bbaw.de
Fri Sep 6 11:58:15 CEST 2019
Hi all,
i generally agree with you, but
Am 06.09.19 um 11:04 schrieb Martin Matthiesen:
> ...
>
> The blacklisted IdP should be properly informed beforehand and given a chance to respond. German IdPs (so far 100% of the cases) can be presented with this document:
> https://doku.tid.dfn.de/de:shibidp3attrfilter#freigabe_der_wichtigsten_attribute_fuer_clarin-sps
In my opinion (as an IdP administrator) this document is not helpful at
all. It suggests to release ten attributes although many of them are not
necessary or requested by the SPs. Even though the SPs have signed CoCo,
many german data security officers will struggle with this 'rule of a
thumb'. I think it would be better to keep a list of individual
AttributeFilterPolicy-Snippets for each SP according to the demand for
data thrift in the GDPR/DSGVO.
Best regards,
Kai
More information about the Tf-aai
mailing list