Draft list of MACE-Dir work items for the near term (2010 Q4, 2011 Q1)
Identifier best practices for Grid-like scenarios
eduPersonTargetedID has the desired properties of persistent linkage of a given value to a specific real-world person and non-reassignability. If available, this is the recommended person identifier for Resource Providers in Grid-like scenarios.
eduPersonPrincipalName is currently used as the person identifier in many Grid and Grid-like scenarios. The potential reassignment problem can be addressed by urging IdPs to publish an ePPN Reassignment Hiatus Period in years, that is, the minimum number of years before a once-used identifier will ever be reassigned to a different real-world person.
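An added example, not part of the original draft, of how a Resource Provider could apply both recommendations when linking a login to a local account: prefer eduPersonTargetedID, and trust an ePPN only while the hiatus window rules out reassignment. The hiatus table, the account store and all function names are hypothetical, and the sample values are constructed.

```python
from datetime import date

# Hypothetical per-scope "ePPN Reassignment Hiatus Period" in years. The draft
# only proposes that IdPs publish this value, so this table is an assumption.
HIATUS_YEARS = {"example.edu": 5}

# Constructed RP account store: (attribute, value) -> (local account, last login).
ACCOUNTS = {
    ("eptid", "constructed-opaque-7f3a"): ("alice", date(2009, 3, 1)),
    ("eppn", "bob@example.edu"): ("bob", date(2008, 6, 15)),
    ("eppn", "carol@example.org"): ("carol", date(2010, 9, 1)),
}

def add_years(d, years):
    """Shift a date by whole years, mapping 29 Feb to 28 Feb when needed."""
    try:
        return d.replace(year=d.year + years)
    except ValueError:
        return d.replace(year=d.year + years, day=28)

def resolve(attrs, today, accounts=ACCOUNTS, hiatus=HIATUS_YEARS):
    """Return (decision, account) where decision is 'link', 'reverify' or 'new'."""
    # Prefer eduPersonTargetedID: persistent and non-reassignable.
    eptid = attrs.get("eduPersonTargetedID")
    if eptid is not None:
        rec = accounts.get(("eptid", eptid))
        return ("link", rec[0]) if rec else ("new", None)
    eppn = attrs.get("eduPersonPrincipalName")
    if not eppn or "@" not in eppn:
        raise ValueError("assertion carries no usable person identifier")
    rec = accounts.get(("eppn", eppn))
    if rec is None:
        return ("new", None)
    account, last_seen = rec
    years = hiatus.get(eppn.rsplit("@", 1)[1])
    # The account holder still had the ePPN at last_seen, so the earliest
    # possible reassignment is last_seen + hiatus. Before that, linking is safe.
    if years is not None and today < add_years(last_seen, years):
        return ("link", account)
    # No published hiatus, or the window has elapsed: the value may now name
    # a different person, so the old account is not reused silently.
    return ("reverify", account)
```

A `reverify` result means the RP should confirm the person by other means before granting access to the existing account.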
Extensibility via new attributes vs extensibility via new values for existing attributes
If we have groups and entitlements, what more do we need?
If we have globally unique values, do we even need groups and entitlements?