/
2016-04-01

2016-04-01

Apr 01, 2016

Shibboleth Developer's Meeting, 2016-04-01

Call Administrivia

10:00 Central US / 11:00 Eastern US / 16:00 UK

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2016-04-15. Any reason to deviate from this?

60 to 90 minute call window.

 

Call Details

This week's call will use the Lync system at OSU. To participate, call:

  1. +1 (614) 688-1800 (please use if possible)

  2. +1 (800) 678-6114 (use only if you're charged for the 614 number)

The Conference ID is: 738127#

International participants should be able to access the 800 number without charge through Skype.

AGENDA

  1. Duo inclusion?

  2. 3.3 scope

    1. not really a discussion topic, more a call for features people want included so we can think about schedule, suggest we do that on dev list

  3. https://tools.ietf.org/wg/tokbind/

 

Attendees:

 

Brent

 

Daniel

 

Ian

  • Subversion to Git conversions:

    • All five remaining v2 repositories in final review.

    • Both remaining v3 repositories in progress

    • Hope to be done in April.

  • XmlSecTool v2

    • kicking off

  • MDA 0.10

    • still stalled waiting on external contributions

    • will import more stuff from UKf as low priority task

Marvin

Fixed IDP-956.

Rod

  • Some IdP Work (

  • SP Windows Dependency build

    • Automate

    • Move to  VS2015

    • Status:

      • VS2015 requires MS extensions to run STL. Sigh.  It also represents another edge case for Log4shib

      • Working on curl.  I envisage the rest to be relatively eas

      • Contributions back to Log4Shib and Xerces, XML-Security pending

 

Scott

  • Completed a login flow for linking two authentication factors implemented as separate flows, working with Password+Duo

    • https://code.osu.edu/cantor.2/idp3-osu-ext.git

    • Note that c14n has become an assumed responsibility of the login flows now, to make connecting them easier

    • TBD: attribute lookup capability, factoring out the second factor flow

    • Unclear if it's worth trying to generalize further for >2 factors, but I think a simpler model for handling 2 is worth including anyway

  • Did some work on the "Developer" half of the wiki space, combining the "Design" topics with the extension developer material

    • Did some work on documenting the Authentication flow and login flow requirements, contexts, review would be useful

  • Completed work on IDP-948, haven't documented anything yet, probably will be part of breaking apart some of the current RP docs

  • Added some material on supported protocols and started fleshing out protocol/profile-specific topics under RP Configuration, will be better documenting the SAML profile options that way

Discussed the TIER consent work/plans with Marlena Erdos

Tom

  • End of March, so time to ping about OIDC work ?

  • TIER testbed IdP install

    • Vagrant / Docker / Jenkins 2 / DCHQ

  • Server maintenance, will update Jenkins today

  • Upgrading from V2 : access to IdP session from a Filter ?

Other