Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Next »

Shibboleth Developer's Meeting, 2020-11-06

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2020-11-20. Any reason to deviate from this?

60 to 90 minute call window.


Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.


AGENDA

  1. OIDC plugin - versioning, planning
  2. Duo plugin - delivery of the two alternative implementations vis a vis the plugin/module system
  3. EC2 postmortem

Attendees:


Brent


Daniel


Henri

  • dev/JOIDC-5 merged to main
  • Hands-on with the plugin model
    • JOIDC-16 - Getting issue details... STATUS  
      • First successful tests with the plugin installer
      • OIDCOPModule / OIDCOPPlugin (net.shibboleth.idp.plugin.oidc.op)

Ian

  • xmlsectool 3: will cut a beta in the next week or so
    • this will require a release of Java parent and java-support
    • will also be doing a scan of xmlsectool's dependencies, incl: Bouncy Castle & Santuario


John


Marvin


Phil

  • JDUO-18 - Getting issue details... STATUS  I went a bit off plan looking into CRL and OCSP revocation checking - at the expense of some other plugin things, my mistake.
    • Most of the info is either in the ticket or in the email thread - thanks Brent for helping with that.
    • Thanks to Brent's IdP changes, revocation checking can be enabled without requiring a static CRL
      • Although you **must** enabled one or both of CRL download from DPs, or OCSP - otherwise, it will always fail.
      • Needs good documentation to highlight the configuration and issues to the deployer
      • Might benefit from some CertPathPKIXValidationOptions checking when injecting the trust evaluator e.g. throw an exception if revocation checking is enabled, but a static CRL (although no way to validate that on startup) or CRLDP or OSCP properties were not set.
  • JDUO-20 - Getting issue details... STATUS removed the auth0 dep, now signs Nimbus JWTs using a - sigh - invalid key.


Rod

  • Nothing


Scott

  • Updating documentation with 4.1 changes
  • Testing
  • JOIDC-15 - Getting issue details... STATUS
  • GEN-268 - Getting issue details... STATUS


Tom


Other




  • No labels