Versions Compared

Old Version 18

changes.mady.by.user Henri Mikkonen

Saved on

compared with

New Version Current

changes.mady.by.user Ian Young

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Shibboleth Developer's Meeting, 2021-03-05

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2021-03-19. Any reason to deviate from this?

60 to 90 minute call window.


Call Details

This week's call will use the Zoom system at GU, see ZoomGU for see ZoomGU for access info.


AGENDA

  • Shibboleth UI / V4.1 (Mike Grady)
  • Unrelated to the new way of updating PGP_KEYS we have the question of how to sync its contents into projects which carry a copy around, e.g., IdP plugins?
  • PGP_KEYS: retiring old / less secure ones to an "OLD" key file?
  • Freeze for non-showstopper code on 3/12
    • Hope Spring 5.3 patch is out the week of 3/15
    • Release the week of 3/22

Attendees:


Brent

  • Jira Legacy
    serverShibboleth JIRA
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyOSJ-82

    • Done! Yay.
    • Long story short: The W3C xmlsec group shutdown in Dec 2016, so no-go on the mail list.  No new people can join.  But I'm certain that in the code we should allow both direct data encryption and key wrap.  If we want to force wrap at some point, we can do in config.
    • Since I did the interfaces to support both algos, I'm now also 99.5% done with implementing classic Diffie-Hellman. One pesky issue with DHKeyValue which I think is either a conceptual mistake in the spec or a serious oversight in Java.
  • Jira Legacy
    serverShibboleth JIRA
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyOSJ-328
    • Unless/until Scott's testing shows it's not fixed, then I don't know what else we can do here, pending more real world testing.
  • Jira Legacy
    serverShibboleth JIRA
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyOSJ-332
    • Recently noticed somebody marked this as fixVersion = 4.1.0.  Not me, and based on his comments probably not Scott... The OP?  Do we even want to do this?
  • Are people using any local config in Eclipse to warn on fatal Javadocs errors?  If there is a config that makes sense, should we consider putting that in as .settings as per-project config?

...