[openid-specs-rande] SAML to OIDC mapping specification
Mischa Salle
msalle at nikhef.nl
Thu Mar 4 12:43:03 UTC 2021
Hi there,
On Wed, Mar 03, 2021 at 08:05:45PM +0100, Marcus Hardt wrote:
> On 03. Mar 2021 17:04, Etienne Dysli Metref wrote:
> > On 02.03.21 12:28, Marcus Hardt wrote:
> > > Same here: We've built our Helmholtz Infrastructure fully on the
> > > names suggested by the whitepaper in [2].
> > >
> > > Unless there is a very good reason to drop the '_', I don't think
> > > this will happen.
> >
> > So what about people who implemented different claim names? With which
> > criteria do we decide who has to change? (Assuming everyone wants to
> > follow an eventual specification.)
>
> I know that at in the context of AARC a couple of Infrastructures followed
> the mechanism mentioned in the REFEDS OIDCRE Whitepaper to translate from
> eduPerson* to eduperson_*
>
> - EGI
> - EUDAT
> - EduTeams
which they are required to do since AEGIS has approved e.g. AARC-G025.
https://aarc-community.org/guidelines/aarc-g025/
> Also one national project I'm in volved in uses those.
>
> I am not aware of different implementations. Are there any that did it
> differently?
And just to note that the WLCG Common JWT Profile
(10.5281/zenodo.3460258 or direct https://zenodo.org/record/3460258)
also uses eduperson_assurance.
Mischa
--
Nikhef Room H155
Science Park 105 Tel. +31-20-592 5102
1098 XG Amsterdam Fax +31-20-592 5155
The Netherlands Email msalle at nikhef.nl
__ .. ... _._. .... ._ ... ._ ._.. ._.. .._..
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Digital signature
URL: <http://lists.openid.net/pipermail/openid-specs-rande/attachments/20210304/93323819/attachment.asc>
More information about the openid-specs-rande
mailing list