...
As to other contexts, that is unclear. The definition of eduPersonTargetedID is suitably generalized to be compatible with the SAML concepts it was copying, but may or may not be suitable as a way of describing similar concepts in other standards. This is an open question.
Why are there two seemingly similar identifiers eduPersonPrincipalName and eduPersonUniqueId?
eduPersonPrincipalName has the format of a name-based identifier, scoped to the domain of the Identity Provider, and it will seem familiar to many users. Because it is name-based, however, the ePPN assigned to a given person is subject to change, which is a problem for services that maintain a user profile or record. In contrast, eduPersonUniqueId is intended never to change, so it is more suitable as a permanent identifier of a specific user.
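The effect on a service that keeps user profiles can be shown with a small simulation. This is an added example, not part of the original FAQ or of any eduPerson reference code; the AccountStore class, the simulate function and all attribute values are constructed for illustration.

```python
# Added example: a service-side profile store keyed on one asserted attribute.
# All names and attribute values here are constructed, not taken from the FAQ.

class AccountStore:
    def __init__(self, key_attr):
        self.key_attr = key_attr   # attribute used as the primary key
        self.accounts = {}         # key value -> local profile

    def login(self, attrs):
        """Find or create the local profile for an asserted attribute set."""
        key = attrs.get(self.key_attr)
        # Both identifiers are scoped (value@scope); refuse anything else.
        if not key or "@" not in key:
            raise ValueError(f"missing or unscoped {self.key_attr}")
        profile = self.accounts.get(key)
        if profile is None:
            profile = {"created_for": key, "logins": 0}
            self.accounts[key] = profile
        # ePPN is kept only as a mutable, user-facing label.
        profile["eppn"] = attrs.get("eduPersonPrincipalName")
        profile["logins"] += 1
        return profile


# Constructed assertions for the same person before and after a name change.
BEFORE = {
    "eduPersonPrincipalName": "jdoe@example.edu",
    "eduPersonUniqueId": "28c5353b8bb34984a8bd4169ba94c606@example.edu",
}
AFTER = dict(BEFORE, eduPersonPrincipalName="jsmith@example.edu")


def simulate(key_attr):
    """Return (number of profiles, whether both logins hit the same profile)."""
    store = AccountStore(key_attr)
    first = store.login(BEFORE)
    second = store.login(AFTER)
    return len(store.accounts), first is second


if __name__ == "__main__":
    for attr in ("eduPersonPrincipalName", "eduPersonUniqueId"):
        print(attr, simulate(attr))
```

Keyed on eduPersonPrincipalName, the renamed user lands in a second, empty profile; keyed on eduPersonUniqueId, the same profile is found and only the stored ePPN label changes.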
Under what circumstances would one use eduPersonEntitlement rather than LDAP group membership to indicate specific access privileges?
MACE-Dir Working Group Space
spaces.at.internet2.edu/display/macedir/MACE-Dir+Working+Group+Space?preview=/2309/98307063/Practices-in-Directory-Groups_BartonT_2002_letter.pdf