Attributes (what Microsoft calls "claims") make up the "stuff" of identity manifested digitally. An identity is represented by the set of attributes an application can associate with an authenticated request. They may come from a mix of federated and local data, may be subject to varying amounts of trust in their "truth", and may uniquely identify individuals or describe only groups or general properties associated with the identity.
- Common Schemas in Use
- Naming
- Assurance Implications
- Privacy Laws
- Storing/Caching at SP
- Offline use
- Other use cases?
- SP Asking vs. IdP Releasing
- Specifying requirements (queries, metadata, policy files, web pages, etc.)
- User Consent
- Boarding Process
- Handling errors / missing information
- Aggregation of Sources
- IdP vs SP Aggregation
- Privacy Implications
- Consent Implications