Versions Compared

Old Version 16

changes.mady.by.user Rod Widdowson

Saved on

compared with

New Version 17

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Shibboleth Developer's Meeting, 2019-08-02

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 16th. Any reason to deviate from this?

60 to 90 minute call window.


Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.


AGENDA

  • Jira Legacy
    serverShibboleth JIRA
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyIDP-1472
     (Rod)
    • Do we have a definitive list (of characters to bar)
    • What to do about Transcoders (is their work to map bad characters)?
  • Jira Legacy
    serverShibboleth JIRA
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyIDP-1181
     (Rod)
    • See my summary 
    • Where do we want fast fail to end up?
  • Jetty version.  This is still pinned to 9.2
    • Empirically the CAS tests run ok with 9.3
    •  The testbed documentation Explicitly says 9.3  Does 9.4 work?  Can this page be made formal?
    • Jira Legacy
      serverShibboleth JIRA
      columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
      serverId180d847f-bce4-36b2-9964-771bff586829
      keyIDP-1304

...

  • Jira Legacy
    serverShibboleth JIRA
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyOSJ-279
  • Jira Legacy
    serverShibboleth JIRA
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyJSPT-91
  • Jira Legacy
    serverShibboleth JIRA
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyINFRA-223
  • FYI: CentOS 8 team now report that they are "working" on RC.


Marvin


Phil

  • 10 days off, no progress.
  • Will continue or start
    • https://issues.shibboleth.net/jira/projects/IDP/issues/IDP-1191 : Deeper investigation and testing of the flow execution listener CSRF protection
    • IDP-1476 : add a SameSite servlet filter to add SameSite=none cookie attribute to the IdP session cookie.
    • Add a test that checks the/a container does not allow session id’s in URLs when configured not to - as is the case in Jetty < 9.4.12.v20180830.


Rod

  • Do we care about reloading metadata providers  at depth > 1 (this thread)
  • Installation
    • Technologies?  Our requirements are fixed, but there must be a better least worst technology
    • Greater user control.

...