Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Shibboleth Developer's Meeting, 2020-10-16

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2020-11-06. Any reason to deviate from this?

60 to 90 minute call window.


Call Details

This week's call will use the Zoom system at GU, see ZoomGU for see ZoomGU for access info.


AGENDAAdd items for discussion here

  1. CVE-2020-13956

Attendees:


Brent

  • Jira Legacy
    serverShibboleth JIRA
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyOSJ-304
    • OpenSAML code done and 90% tested.  IdP parser and schema support pending.
  • Jira Legacy
    serverShibboleth JIRA
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyOSJ-82
    • Next major item on my todo list.


Daniel


Henri

  • Jira Legacy
    serverShibboleth JIRA
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyJCOMOIDC-2
    • Added complete unit tests + improved Javadocs/style
    • java-oidc-common needs to be added to Jenkins
  • Starting hands-on with the plugin stuff

Ian


John


Marvin


Phil

  • Jira Legacy
    serverShibboleth JIRA
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyJDUO-16
     Duo are not changing their key length to meet the spec. Auth0 (lib they use) are not going to enforce the key length requirement either.
    • Will look to do the MAC computation directly using the standard JCA Mac algorithm - to remove the dependency on Auth0.
  • Jira Legacy
    serverShibboleth JIRA
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyJDUO-18
     Added a PKIX trust engine to pin the set of trust anchors required in Duo API TLS connections. Is done, maybe I need to think about CRLs or OSCP. 
    • Added the X509 certs for those root CAs to the Nimbus client module of the Duo plugin also. 
  • Jira Legacy
    serverShibboleth JIRA
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyJDUO-19
     Update plugin to be inline with the new module and plugin changes
    • Probably mostly there, but I need to be sure of that.


Rod

  • Plugins almost done
    • API / installation format firmed up.  Maybe
    • Documentation next.  Then we can revisit the POM (its pretty cookie cutter now)
    • License wording needs thoughts
    • What guards do we put into place for IdP  upgrades?
    • Can we punt I18N to 4.2?
  • With 
    Jira Legacy
    serverShibboleth JIRA
    columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
    serverId180d847f-bce4-36b2-9964-771bff586829
    keyIDP-1651
     done (Unix only), are there any other module impacts on the installer
  • Then back to JIRA

Scott

  • Built out standard classes for plugins
  • Working on documentation updates for all the new material
    • examples of tab extension in authentication topics
  • Considering idea to add a classpath:* hook to import beans into all the reloadable services

...