Page History

...

• eduPersonPrincipleName - A "scoped" identifier that consists of two parts, a local identifier within the originating institution and an identifier for the institution, for example, John.Smith@ucmerced.edu. eduPersonPrincipleName provides global uniqueness throughout InCommon, but different institutions will assert different values for a person who has affiliations with those multiple institutions, and it is not defined to be persistent over time; it can be reassigned to another person.
• eduPersonTargetedID - Also a "scoped" identifier, so it is globally unique throughout InCommon.  It is also defined to be persistent over time, so it cannot be reassigned to another person.  It enhances privacy, as the value of eduPersonTargetedID is different for different target services.  Unfortunately, it is difficult for an application to determine a person's eduPersonTargedID before the person's first session with the application, so it is not usable for applications that require their users to be provisioned before the first session. There has been recent work (see http://staff.washington.edu/fox/notes/tgtid.shtml), though, that could make eduPersonTargetedID useful when provisioning is required by providing an IdP control over its values.
• UCnetID uCnetID - UCnetID uCnetID is a ten-digit number that is unique throughout UC, and all UC locations will assert the same value for people who have multiple affiliations within UC.  It is defined to be persistent over time and cannot be reassigned to another person.  In order to assure the same value across all of UC, a person's Social Security Number and date of birth are used to create a new UCnetIDuCnetID, so it is currently valid only for UC employees.

...

The "Strong match possible?" column specifies whether it is possible to acquire SSN and date of birth from the target user community for the application (in order to assign a uCnetID).

...