Closed MasonJohnDavis closed 9 years ago
THIS MIGHT BE THE SAME AS 6.6
This not identical to 6.6 This requirement ensures that Access Control can be coordinated: Harmonized names and values for user attributes that participate in the declaration and enforcement of access rights. It is in particular important that each IdP releases a unique identifier for each user. A pseudonym'd version of that where the uniqueness is limited to a IdP/SP pair is called persistent identifier. Both attributes should be released by the IdP so that the SP can choose which one to use, appropriate to the use case.
This seems to be achieved
All idps must release the set of attributes and all sps must accept them. in order to ensure the possible harmonized use of the attributes at the sp for access control, the cobweb coordination center should host an attribute-map.xml that can be used by all sps.