This document is an attempt to rewrite the R&S specification for clarity and simplicity without breaking existing R&S deployments.
Note: The following draft text is for discussion only! For comparison, the official normative text is shown below the horizontal line.
...
```xml
<mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
  <!-- entity attribute for SPs that conform to R&S -->
  <saml:Attribute
      xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
      NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
      Name="http://macedir.org/entity-category">
    <!-- the refeds.org R&S entity attribute value -->
    <saml:AttributeValue>http://refeds.org/category/research-and-scholarship</saml:AttributeValue>
  </saml:Attribute>
</mdattr:EntityAttributes>
```
...
```xml
<mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
  <!-- entity attribute for IdPs that support R&S -->
  <saml:Attribute
      xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
      NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
      Name="http://macedir.org/entity-category-support">
    <!-- the refeds.org R&S entity attribute value -->
    <saml:AttributeValue>http://refeds.org/category/research-and-scholarship</saml:AttributeValue>
  </saml:Attribute>
</mdattr:EntityAttributes>
```
...
The R&S attribute bundle consists of the following attributes:
- non-private shared user identifier
- person name
- email address
where non-private shared user identifier is a persistent, non-reassigned, non-targeted identifier defined to be any one of the following:
...
and where email address is defined to be the mail attribute.
6. Attribute Request
Service Providers SHOULD request a subset of the R&S attribute bundle that represents only those attributes that the Service Provider requires to operate its service.
7. Attribute Release
An Identity Provider supports the Research & Scholarship (R&S) category if, for some subset of the Identity Provider’s user population, the Identity Provider is willing and able to release the R&S attribute bundle to all conforming R&S Service Providers without administrative involvement, either automatically or subject to user consent.
An Identity Provider MUST release the complete R&S attribute bundle to any conforming R&S Service Provider upon request, without regard for any R&S attributes requested in Service Provider metadata.
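The release rule above depends on reading the R&S entity attributes from metadata correctly. As an added example (not part of the R&S specification or this draft), the following Python code classifies entities in SAML metadata as R&S Service Providers or R&S-supporting Identity Providers. The SP-side attribute name `http://macedir.org/entity-category`, the helper names and the sample entityIDs are assumptions, and the sample metadata is constructed.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "mdattr": "urn:oasis:names:tc:SAML:metadata:attribute",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
RS = "http://refeds.org/category/research-and-scholarship"
CATEGORY = "http://macedir.org/entity-category"          # SP side (assumed, see lead-in)
SUPPORT = "http://macedir.org/entity-category-support"   # IdP side
URI_FMT = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

def has_rs(entity, attr_name):
    """True if the entity's metadata carries the R&S value under attr_name."""
    for attr in entity.findall("md:Extensions/mdattr:EntityAttributes/saml:Attribute", NS):
        if attr.get("Name") != attr_name or attr.get("NameFormat") != URI_FMT:
            continue
        for value in attr.findall("saml:AttributeValue", NS):
            # strip() tolerates pretty-printed values; the comparison is otherwise exact
            if (value.text or "").strip() == RS:
                return True
    return False

def classify(metadata_xml):
    """Map entityID -> 'rs-sp', 'rs-idp' or 'none'. Input must already be signature-verified."""
    result = {}
    for e in ET.fromstring(metadata_xml).iter("{%s}EntityDescriptor" % NS["md"]):
        if e.find("md:SPSSODescriptor", NS) is not None and has_rs(e, CATEGORY):
            kind = "rs-sp"
        elif e.find("md:IDPSSODescriptor", NS) is not None and has_rs(e, SUPPORT):
            kind = "rs-idp"
        else:
            kind = "none"  # includes entities tagged with the wrong attribute for their role
        result[e.get("entityID")] = kind
    return result

def _entity(entity_id, role, attr_name):   # builds constructed sample metadata
    return ('<md:EntityDescriptor entityID="%s"><md:Extensions><mdattr:EntityAttributes>'
            '<saml:Attribute NameFormat="%s" Name="%s"><saml:AttributeValue>\n  %s\n'
            '</saml:AttributeValue></saml:Attribute></mdattr:EntityAttributes></md:Extensions>'
            '<md:%s protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>'
            '</md:EntityDescriptor>' % (entity_id, URI_FMT, attr_name, RS, role))

SAMPLE = ('<md:EntitiesDescriptor xmlns:md="%(md)s" xmlns:mdattr="%(mdattr)s" xmlns:saml="%(saml)s">' % NS
          + _entity("https://sp.example.org", "SPSSODescriptor", CATEGORY)
          + _entity("https://idp.example.org", "IDPSSODescriptor", SUPPORT)
          + _entity("https://mistagged.example.org", "SPSSODescriptor", SUPPORT)
          + '</md:EntitiesDescriptor>')

if __name__ == "__main__":
    print(classify(SAMPLE))
```

The third sample entity is an SP that carries the IdP-side support attribute; it is classified as `none`, so a release policy built on this check would not treat it as an R&S Service Provider.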
...
2. Syntax
The following URI is used as the attribute value for the Entity Category and Entity Category Support attribute: http://refeds.org/category/research-and-scholarship
...
Service Providers SHOULD request a subset of R&S Category Attributes that represent only those attributes that the Service Provider requires to operate its service.
6. Attribute Release
Identity Providers are strongly encouraged to release the following bundle of attributes to R&S category Service Providers:
...