Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  • e-Journal, ebook or other data access, where content may be accessed based on a users affiliation without a need for personal information.
  • Services selling products or offering discounts to staff or students based on their affiliation.

What are the distinguishing characteristics of an R&S service?


See section 6 of the R&S Entity Category specification for a precise definition of the minimal subset of the R&S attribute bundle.

How should the attribute release policies be formed?

What is the difference between R&S and the Code of Conduct?

The GÉANT Data Protection Code of Conduct is a process that allows Service Providers to commit to a series of declarations of support for data protection within the context of the EU Data Protection Directive.  Like R&S, it results in the application of an entity category tag and is intended to give greater confidence to IdPs when releasing data. 


  • The Code of Conduct is designed to help IdPs feel more comfortable with the SPs intentions to abide by existing data protection law and therefore have relationship with them, but does not define attribute release and does not work outside of Europe in its current form, although an international version is being explored.
  • R&S is designed to help IdPs that are struggling to define any sort of attribute release policies have an easier way of mitigating the risk and designing policies for a small subset of Service Providers that have been through some minimal vetting. It can be used by any federation globally.  

If an IdP restricts attribute release to some subset of R&S SPs, can that IdP declare support for R&S?


may be interpreted as the following pair of requirements:

  • The Service Provider supports standard SAML V2.0 Web Browser SSO. In particular, the Service Provider has an endpoint in metadata that supports the SAML V2.0 HTTP-POST binding.

  • The Service Provider is a production deployment or one of a group of services that together comprise a production deployment.

The latter includes dev and/or staging instances of the overall Service Provider deployment.