Releasing attributes for science – Why is it so difficult? GÉANT task leader, Lukas Hämmerle shares experiences of GÉANT´s quest to increase the adoption and use of eduGAIN.
In his presentation Lukas Hämmerle highlights the main problems federations have had over time and especially the current problem of not getting any or enough attributes from the identity providers of some institutions.
Why is that? Is it really this dangerous to provide attributes like name, email, unique identifier and affiliation, which are needed by most services? Are the identity providers over cautious of their responsibility? Does the service provider have to join all individual research infrastructure federations instead of just eduGAIN to be able to operate? As consequence to this reluctance, some institutions unintentionally prevent their researchers, lecturers, and students from benefiting from federated identity management and services.
Lukas also introduces ways to solve attributes problem. He encourages identity federation operators not to be “chickens”, and to ensure that the services receive the attributes they need by supporting and motivating Identity Providers to manage attribute release in a reasonable way.
He also suggests that user consent for attribute release is the best way to transparency and urges NRENs and research institutions to share their best practices.
Watch Lukas Hämmerles presentation about 53 minutes into the recording of the conference track Getting The Attributes Flowing: