OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [security-services] SAML deployments that use consent step?


> Josh, can you expand on just what your IDPs are NOT asking consent  
> for? ie what operations/data flows.
> Paul

We only have partial visibility of our customers' interactions, as we  
rely on them to volunteer this information to us. You can view the  
attribute requirements of the RPs that /do/ choose to volunteer this  
information here:

http://www.ukfederation.org.uk/content/Documents/AttributeUsage

I don't wish to bore the list with the details of the EU data  
protection regime; suffice to say, we believe that consent is only  
infrequently a practical or efficient instrument for protecting user  
privacy. Indeed, it is often too easy for IdPs to misuse consent to  
the detriment of their users' privacy.

While we're on the subject, I've always been a bit puzzled about the  
use-cases for the consent identifiers; in particular, why an RP might  
care whether consent has been given or not.

josh.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]