 |
 |
>>> On 08/04/2008 at 10:15, in message <[log in to unmask]>, "Thornley, Dave H" <[log in to unmask]> wrote: > We generate a value hashed from staff or student id number and store it in > EPPN in the directory. This is what's passed out to SPs needing it. > Although this is a nice solution to the issue of exposing privacy will it cause problems in the future? This satisfies Ian Youngs definition in http://www.ukfederation.org.uk/library/uploads/Documents/technical-recommendations-for-participants.pdf where he says: "This attribute is used where a persistent user identifier, consistent across different services, is required." But he goes on to say: "It often corresponds to the users single sign-on (SSO) name" and in conversations with others elsewhere (outside the UK) it almost always seems to be assumed that EPPN will be the login name. Not that it should EVER be exposed.... Naughty Landmap for asking for it, wouldn't EPTID do? So, World, is Dave's solution the one to go for? I'm terrified of making a decision which will come back to haunt me big time! Andy -- ********* Andy Swiffin Senior Network Specialist, Corporate Information systems Information & Communications Services (ICS) University of Dundee, Computing Centre, Park Place, Dundee, DD1 4HN Direct: 01382 388000 (Service Desk) Visit our website at: www.dundee.ac.uk/ics ********* The University of Dundee is a registered Scottish charity, No: SC015096