I agree, this is what we do, and it works well. By nesting an
assertion in Advice, an IdP implicitly asserts: 1) I am an IdP Proxy,
2) I trust the IdP indicated in the nested assertion, and 3) I have
validated the response that previously contained the nested assertion.
That would violate privacy in the general case, I was referring to passing
along the context, not an assertion.