Hi John,

Sara here from the UK federation support team.

There are still a few older SPs in the UK federation that depend upon 
SAML 1 and will still require eduPersonTargetedID to be released as a 
SAML 1 attribute. I expect that eventually all UK federation SPs will 
support SAML 2 but I can't forecast exactly when that will be! We are 
certainly treating it as a priority to encourage and help SP operators 
to support SAML 2.

However: we know that *Shibboleth* SPs will accept a NameID in SAML 2 
and use its value in the way it can the value of an ePTID attribute, but 
we don't necessarily know that of other software. It might be that in 
practice IdPs will need to release ePTID in SAML 2 to some SP 
deployments for quite some time to come.

Sara Hopkins
UK federation

On 10/03/2016 11:30, John Horne wrote:
> Hello,
>
> I am configuring a test IdP server based on our version 2
> configuration, but updating it as much as I can to version 3. The above
> attribute though is, to me, a bit confusing.
>
> I see that the UK federation still list ePTID as a core attribute [1].
> But it also seems that for IdP version 3 the attribute has been
> deprecated [2]. As far as I can tell, in order to resolve the
> attribute, and comply with the UK federation recommendations, I have to
> keep the current (v2) ePTID attribute configuration.
>
> In particular I note from the reply in [2]:
>
> "...because there has never been a good reason to pass it as an
> attribute in SAML 2, only SAML 1. Since all of SAML 1 is sort of
> deprecated...
>
> ...if there's somebody out there who thinks they need to send it as an
> attribute in SAML 2, that's either a point of confusion or an SP with a
> bug."
>
> I am just wondering if there is any sort of push being considered via
> the UK federation for (listed) SPs to ditch SAML1 and so remove ePTID
> as a core attribute?
>
> [1] http://www.ukfederation.org.uk/content/Documents/AttributeUsage
> [2] http://shibboleth.net/pipermail/users/2015-April/020996.html
>
>
> Thanks,
>
> John.
>


-- 
Sara Hopkins
Support Team
UK Access Management Federation for Education and Research
web:    http://www.ukfederation.org.uk/

The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
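
The point above about a SAML 2 SP using a NameID in the way it would an ePTID attribute value, as an added example that is not part of the original thread or of any Shibboleth code: a consumer that accepts the identifier from either place and refuses an assertion where the two disagree or are qualified for another IdP or SP. The entity IDs, the `sample` helper and the rejection policy are assumptions of this example, and the assertion is assumed to have passed signature and condition checks already.

```python
import xml.etree.ElementTree as ET

NS = {"saml2": "urn:oasis:names:tc:SAML:2.0:assertion"}
PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
EPTID_NAME = "urn:oid:1.3.6.1.4.1.5923.1.1.1.10"  # eduPersonTargetedID in SAML 2

def _scoped(nameid, idp, sp):
    """(IdP, SP, value) for a persistent NameID; omitted qualifiers take defaults."""
    if nameid is None or nameid.get("Format") != PERSISTENT:
        return None
    value = (nameid.text or "").strip()
    if not value:
        return None
    return (nameid.get("NameQualifier", idp), nameid.get("SPNameQualifier", sp), value)

def targeted_id(assertion_xml, sp_entity_id):
    """Return the one targeted identifier, from the Subject NameID or the ePTID attribute."""
    root = ET.fromstring(assertion_xml)
    idp = root.findtext("saml2:Issuer", default="", namespaces=NS).strip()
    found = {_scoped(root.find("saml2:Subject/saml2:NameID", NS), idp, sp_entity_id)}
    for attr in root.iterfind("saml2:AttributeStatement/saml2:Attribute", NS):
        if attr.get("Name") == EPTID_NAME:
            for n in attr.iterfind("saml2:AttributeValue/saml2:NameID", NS):
                found.add(_scoped(n, idp, sp_entity_id))
    found.discard(None)
    if len(found) > 1:
        raise ValueError("conflicting targeted identifiers in one assertion")
    # Example policy: the identifier must be scoped to this IdP/SP pair
    # (affiliation-qualified identifiers are not handled here).
    for ident in found:
        if ident[0] != idp or ident[1] != sp_entity_id:
            raise ValueError("identifier is qualified for a different IdP or SP")
    return found.pop() if found else None

IDP, SP = "https://idp.example.ac.uk/idp", "https://sp.example.org/shibboleth"  # constructed

def sample(subject_value=None, attr_value=None):
    """Build a constructed, unsigned assertion carrying the identifier in either place."""
    nid = '<saml2:NameID Format="%s" NameQualifier="%s" SPNameQualifier="%s">%s</saml2:NameID>'
    subj = nid % (PERSISTENT, IDP, SP, subject_value) if subject_value else ""
    attr = ('<saml2:AttributeStatement><saml2:Attribute Name="%s"><saml2:AttributeValue>%s'
            '</saml2:AttributeValue></saml2:Attribute></saml2:AttributeStatement>'
            % (EPTID_NAME, nid % (PERSISTENT, IDP, SP, attr_value))) if attr_value else ""
    return ('<saml2:Assertion xmlns:saml2="%s"><saml2:Issuer>%s</saml2:Issuer>'
            '<saml2:Subject>%s</saml2:Subject>%s</saml2:Assertion>' % (NS["saml2"], IDP, subj, attr))

if __name__ == "__main__":
    print(targeted_id(sample(subject_value="abc123"), SP))
    print(targeted_id(sample(attr_value="abc123"), SP))
```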