Pseudonymous Access
Significant work on 5.1; brought up some material from Deployment Guidance for IdPs, noted that two of the four attributes may not have values
Suggestion that supporting documentation needs to explain how to handle situations like proxy services, IdPs of Last Resort. "Consider a user in the following situation ... Does that mean I am not supporting this EC?"
Moving back to Anonymous
Reminder about whether an SP can register more than one EC is an open question, because it is in conflict with 4.1 in Pseudonymous. It's technically possible but not required by policy. Personalized and Pseudonymous cannot be registered together, but Anonymous can work with Pseudonymous. If there's a contractual relationship, then none of this is relevant. This is about non-contractual scenarios, or where blanket contracts are in place. What about the reverse, when an IdP says they will only support one EC, and the SP wants to say "I want Personalized, but can live with Pseudonymous in order not to fail."
Next call:
May 4 @ 07:00 (same time slot) - will come back to Anonymous and the question about if/how to indicate whether an SP can indicate support for more than one of this family of ECs