Haka's organization selection service (https://wiki.eduuni.fi/x/QoigAQDiscovery Service) is based on the Discovery Service Protocol specification (https://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery .pdf). The protocol uses redirects in the browser, and redirects are a means of fishing for user data. To reduce the risk, the protocol defines a check for the used addresses, so that the selection service only directs to the desired destinations.
...