...
Number | Current Text | Proposed Text / Query | Proposer | Action |
---|---|---|---|---|
1 | 5.3.3 The Identity Provider releases the eduPersonScopedAffiliation attribute. | Should this imply to release this attribute *always* to *all SPs*, including to publishers that are happy with only 'common-lib-terms'? Why should just the IdPs need to do something and not the SPs? | Thomas Lenggenhager (SWITCH) | https://github.com/leifj/academia-category/issues/26 |
2 | http://refeds.org/category/academic-institution | Given that the REFEDS website now does https by default, should this be https://refeds.org/category/academic-institution Comment from Peter Schober: For consistency with existing/published categories I'd stay with http. | Guy Halse (SAFIRE) | https://github.com/leifj/academia-category/issues/27 |
3 | 5.3.3 The Identity Provider releases the eduPersonScopedAffiliation attribute. | How should the Identity Provider’s registrar perform this mandatory check? Would a statement by the IdP administrator be sufficient ? | Thomas Lenggenhager (SWITCH) | https://github.com/leifj/academia-category/issues/26 |
4 | 3. The following URI is used as the attribute value for the Entity Category... | Under section 5 only requirements for Identity Providers are defined but normally an IdP uses Entity Support Category not Entity Category. Is this per design or only a mistake? Comment from Rhys Smith: "normally an IdP uses Entity Support Category not Entity Category" - is correct, but only by coincidence. An entity that has a specific categorisation has an entity category. It just so happens that so far, all categorisations have been for SPs, and so the IdPs have the ESC. This is a categorisation about an IdP, so it's right the IdP has an EC. If there was a corresponding ESC, it would be assigned to the SP that supports that IdP EC. Propose dropping ECS text. Comment from Peter Schober: https://refeds.org/category/hide-from-discovery is an(other) existing Entity Category for IDPs. | Pål Axelsson (SWAMID) | https://github.com/leifj/academia-category/issues/28 |
5 | 5.3.3 The Identity Provider releases the eduPersonScopedAffiliation attribute. | I would say that the behaviour of releasing euPersonScopedAffliliation to all SPs is not privacy by design as described in GDPR. It's a step away from data minimisation. euPersonScopedAffliliation is personal data even though it is not unique personal data. | Pål Axelsson (SWAMID) | See TL comment. |
6 | Add to section 5 | 5.4. additional recommendations 5.4.1 It is RECOMMENDED that IdP releases a unique, persistent and not targeted ID to Service Providers that support and display in their metadata the Research and Scholarship Entity Category [R&S] ... 6. References add: [R&S] REFEDS Research and Scholarship Entity Category v1.3 Sept. 2016 see https://refeds.org/category/research-and-scholarship | Peter Geitz (DAASI) | https://github.com/leifj/academia-category/issues/29 |
7 | Section 2 | is point 3 - "the institution is a research hospital, library or archive." meant to mean "research hospital, research library, or research archive", or what it says on the tin? | Rhys Smith (Jisc) | https://github.com/leifj/academia-category/issues/30 |
8 | 5.3.3 | how does a registrar check if an IdP releases ePSA? | Rhys Smith (Jisc) | See TL comment |
9 | section 5. "Failure to do so MUST result in revocation of the entity’s membership in the category." Who makes the decision to revoke? | "Failure to do so MUST result in the registrar revoking | Mikael Linden (CSC) | |
10 | Regarding #1, #3 & #8 on 5.3.3 | How about adding "5.3.3 The Identity Provider releases the eduPersonScopedAffiliation attribute, on request." So that the request can include metadata and inline attribute requests. | Brook Schofield | See comments above. |
11 | Academic vs Academia |
| Brook Schofield | https://github.com/leifj/academia-category/issues/32 |
12 | Attribute Authorities | The document only talks about Identity Providers. I guess we should also be concerned about Attribute Authorities (whether "co-located" with an IDP or stand-alone) asserting those same attributes? | Peter S. | To discuss in detail |
13 | Add Link | Maybe add URL/link to eduPerson 201602 reference, http://software.internet2.edu/eduperson/internet2-mace-dir-eduperson-201602.html | https://github.com/leifj/academia-category/issues/33 | |
14 | Reference | The reference [AcademicInstitutionWikipedia] is unused | References don't necessarily need to directly relate to text. | |
15 | Section 4: Specifically a relying party SHOULD NOT assume that an attribute assertion received from an Identity Provider | "than an | https://github.com/leifj/academia-category/issues/34 |
...