Update person-identifiers.adoc

person-identifiers.adoc

@@ -47,22 +47,22 @@ mp: OID is permanent, not shared name is a name-based identifier (other could be
 internal id: No
 ==== opaque (not name-based or otherwise recognizable) Y/N
 
-- permanent (changes are rare or non-existent)
+==== permanent (changes are rare or non-existent)
 can be merged if necessary.
 
-- re-assignable (once assigned, a given identifier value will never be reused and assigned to another person)
+==== Non re-assignable (once assigned, a given identifier value will never be reused and assigned to another person)
 
 
-- pairwise (formerly called targeted): A person has a different identifier for each service or resource provider with which they interact
+==== Pairwise (formerly called targeted): A person has a different identifier for each service or resource provider with which they interact
 
 
-==== What is the primary, wholly internal person identifier in your package?
+=== What is the primary, wholly internal person identifier in your package?
 
 COmanage: identifier modules to generate identifiers with the desired characteristics; 
 
 KeithL: If you make a REST call: here's user, get the OID, use that in the actual REST call
 
-==== What identifier(s) do you expose to other packages? Internal ID plus tuple source/identifier
+=== What identifier(s) do you expose to other packages? Internal ID plus tuple source/identifier
 generate anything you want, configurable; DO NOT USE OID; mP API is a case where you could use OID, 
 
 - Do you maintain a crosswalk between each external system identifier and your internal identifier?
@@ -75,9 +75,8 @@ connectors can work w opaque: UID (used to link to the midPoint user, and anothe
 If UID link breaks, correlation can relink.
 
 
-- - -
 
-Hypothetical Precondition:
+=== Issue: Timing of unique identifier assignment in IAM system
 
 A person was just now added to a System of Record,
 midPoint has not yet processed this, so has no record of their existence