Hi,

I have some questions about where moonshot is going regarding some
technical aspects of identity and access management. Perhaps this is all
stuff that's in the works...

With Shibboleth, there's quite a bit of flexibility at both the IdP and
SP ends in terms of anonymous / pseudonymous / nonymous logins. So the
IdP can make sophisticated decisions about which attributes to release
to which SPs, and SPs can in turn make decisions about access control
based on which attributes are asserted by SPs.

I can envisage lots of analogous use cases for Moonshot, and I've not
yet seen much to suggest how much of this will be possible now/by the
end of the pilot/"at some point". For example, considering
moonshot-enhanced ssh:

IdPs might want to only provide pseudonyms to remote ssh servers;
possibly users might want to be able to say "I want to log onto the
remote server, but only if I can do so thus" e.g. with something like
eduPersonPersistentID

My ssh server might want logic like some of the following:

a) create accounts for anyone at Oxford
b) create a temporary guest account for pseudonymous users, but throw it
away later
c) for /any/ unknown user, refuse login, log the request, and let an
admin decide to approve the user infuture
d) create temporary accounts for anyone in the federation, and let an
admin decide whether to upgrade particular accounts to full accounts

These sorts of features would be really useful, but I'm not sure when/if
moonshot will be supporting them, and how much of this sort of behaviour
is going to be standardised?

Regards,

Matthew