> Nick Lowe wrote: > I would have thought that it is perfectly reasonable to return the > identity back in the case you have roaming federations as long as it > was an agreed requirement beforehand. > I am of the opinion that this -should- be mandated as part of Eduroam, > for example.
I'd have to disagree. We don't want to know anything about eduroam guest users other than an ID which to hand authorities which they can use to investigate with the home institution. The less we know, the less work we have to do when we get a subpoena. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
