You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -27,7 +27,7 @@ The scope deliberately resembles, and often is, a DNS domain name, but is drawn
Relying parties should not treat this identifier as an email address for the subject as it is unlikely (though not precluded) for it to be valid for that purpose.
*The unique ID should not change as a result of a change to any other data associated with the subject (e.g., name, email address, age, organizational role)*
*The unique ID should not change as a result of a change to any other data associated with the subject (e.g., name, email address, age, organizational role)* This essentially forbids the use of name-based identifiers since it is impossible to guarantee that name-based identifiers will never change.
A given value MUST identify the same subject regardless of the context of use or the relying parties to which the Attribute is given. It is therefore to be assumed by relying parties that receive a given value that the same subject has been identified.
