2016-04-01

Owned by Ian Young
Last updated: Apr 01, 2016 by Tom Zeller
2 min read

Shibboleth Developer's Meeting, 2016-04-01

Call Administrivia

10:00 Central US / 11:00 Eastern US / 16:00 UK

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2016-04-15. Any reason to deviate from this?

60 to 90 minute call window.

 

Call Details

This week's call will use the Lync system at OSU. To participate, call:

  1. +1 (614) 688-1800 (please use if possible)
  2. +1 (800) 678-6114 (use only if you're charged for the 614 number)

The Conference ID is: 738127#

International participants should be able to access the 800 number without charge through Skype.

AGENDA

  1. Duo inclusion?
  2. 3.3 scope
    1. not really a discussion topic, more a call for features people want included so we can think about schedule, suggest we do that on dev list
  3. https://tools.ietf.org/wg/tokbind/

 

Attendees:

 

Brent

 

Daniel

 

Ian

  • Subversion to Git conversions:
    • All five remaining v2 repositories in final review.
    • Both remaining v3 repositories in progress
    • Hope to be done in April.
  • XmlSecTool v2
    • kicking off
  • MDA 0.10
    • still stalled waiting on external contributions
    • will import more stuff from UKf as low priority task

Marvin

Fixed IDP-956.

Rod

  • Some IdP Work (
  • SP Windows Dependency build
    • Automate
    • Move to  VS2015
    • Status:
      • VS2015 requires MS extensions to run STL. Sigh.  It also represents another edge case for Log4shib
      • Working on curl.  I envisage the rest to be relatively eas
      • Contributions back to Log4Shib and Xerces, XML-Security pending

 

Scott

  • Completed a login flow for linking two authentication factors implemented as separate flows, working with Password+Duo
    • https://code.osu.edu/cantor.2/idp3-osu-ext.git
    • Note that c14n has become an assumed responsibility of the login flows now, to make connecting them easier
    • TBD: attribute lookup capability, factoring out the second factor flow
    • Unclear if it's worth trying to generalize further for >2 factors, but I think a simpler model for handling 2 is worth including anyway
  • Did some work on the "Developer" half of the wiki space, combining the "Design" topics with the extension developer material
    • Did some work on documenting the Authentication flow and login flow requirements, contexts, review would be useful
  • Completed work on IDP-948, haven't documented anything yet, probably will be part of breaking apart some of the current RP docs
  • Added some material on supported protocols and started fleshing out protocol/profile-specific topics under RP Configuration, will be better documenting the SAML profile options that way

Discussed the TIER consent work/plans with Marlena Erdos

Tom

  • End of March, so time to ping about OIDC work ?
  • TIER testbed IdP install
    • Vagrant / Docker / Jenkins 2 / DCHQ
  • Server maintenance, will update Jenkins today
  • Upgrading from V2 : access to IdP session from a Filter ?

Other