Shibboleth Developer's Meeting, June 7, 2013

...

Daniel summarized the BC/Santuario runtime exception w/RSA keypair verification on behalf of Brent. The issue resulted in a forthcoming vt-crypt feature request to make installation of BC provider optional (currently happens by default). Discussion followed about what components to ship with IdP and the tradeoff between a supported set of system components versus increased maintenance costs w/r/t security and defects.

Ian discussed REFEDS conference and mentioned membership costs and the need for a private forum for operators to have frank, technical discussion.

From Marvin:RE the RSA key matching issue, Chad requested a feature of vt-crypt a while back that provided keypair verification.

...