...
- Identity vetting: how an end user demonstrates his/her identity at the time when s/he receives the authentication credential from his/her Home Organisation (e.g. by presenting government photo-id face-to-face at a registration desk or self-registration on-line with)
- authentication: how an end user proofs his/her identity to his/her Home Organisation's Identity Provider server when s/he logs in (e.g. password or multi-factor authentication with a certificate or token)
...
- all user identities (accounts in the Home Organisation) belongs to an individual person (i.e. there are no shared accounts like "libraryuser1")?
- and all users are traceable (i.e. the Home Organization knows who they are and can reach them)?
- and the Home Organisation is willing to collaborate with you if you think their user misbehaves in your service?
- That that you (as an SP) can block him/her from your service?
...