On Wed, Oct 10, 2012 at 4:34 PM, Joe St Sauver <[email protected]> wrote: > The nice part about Shib, from a privacy POV, is that you only release/get > the attributes that may be necessary (thereby preserving user privacy).
A rather optimistic view of federated identity... a) Who determines what is "necessary" and how? b) How do you prevent collusion between SPs or SPs and IdPs? _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
