[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-dev
Subject:    Re: v3 consent to attribute release : attribute hash function ?
From:       "Cantor, Scott" <cantor.2 () osu ! edu>
Date:       2014-09-08 17:42:40
Message-ID: D0336294.55EC1%cantor.2 () osu ! edu
[Download RAW message or body]

On 9/8/14, 1:40 PM, "Tom Zeller" <tzeller@dragonacea.biz> wrote:

>Oh, and, is there a case where we just want to store the
>IdPAttributeValues in plaintext ? If the DataSealer is going to
>encrypt the cookie anyway, do we need the hash of values ? The hash
>seems bigger than the values, is my guess.

There's probably some truth to that, but I think the concern of having PII
stored in these records is enough to make that a bad idea.

-- Scott

-- 
To unsubscribe from this list send an email to dev-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]