WG - Attributes In Motion - Attribute Handling Best Practices
Executive Summary
Brief Introduction to Attributes in an Identity Ecosystem
- need to limit the scope of what attributes we're talking about - is this the correct scope?
Attributes in a Global Context
- EU Data Handling
- Gov't of Canada policies
Attributes from an Identity Provider Perspective
- What can an IdP reasonably provide?
Attributes from a Service Provider Perspective
- What can/should a Service Provider ask for?
Attributes from a Relying Party Perspective
- What can a Relying Party expect to see?
- What permissions/consent should be covered?
Topics to definitely include
- attribute Level of Confidence
- attribute life cycle
- self-assertion vs. third-party asserted
- risk management in handling attributes
{"serverDuration": 13, "requestCorrelationId": "1290540c45fc415f9b3081e83cecb460"}