2021-03-05
Shibboleth Developer's Meeting, 2021-03-05
Call Administrivia
09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2021-03-19. Any reason to deviate from this?
60 to 90 minute call window.
This week's call will use the Zoom system at GU, see ZoomGU for access info.
AGENDA
- Shibboleth UI / V4.1 (Mike Grady)
- Unrelated to the new way of updating
PGP_KEYS
we have the question of how to sync its contents into projects which carry a copy around, e.g., IdP plugins? PGP_KEYS
: retiring old / less secure ones to an "OLD" key file?- Freeze for non-showstopper code on 3/12
- Hope Spring 5.3 patch is out the week of 3/15
- Release the week of 3/22
Attendees:
Brent
-
-
OSJ-82Getting issue details...
STATUS
- Done! Yay.
- Long story short: The W3C xmlsec group shutdown in Dec 2016, so no-go on the mail list. No new people can join. But I'm certain that in the code we should allow both direct data encryption and key wrap. If we want to force wrap at some point, we can do in config.
- Since I did the interfaces to support both algos, I'm now also 99.5% done with implementing classic Diffie-Hellman. One pesky issue with DHKeyValue which I think is either a conceptual mistake in the spec or a serious oversight in Java.
-
-
OSJ-328Getting issue details...
STATUS
- Unless/until Scott's testing shows it's not fixed, then I don't know what else we can do here, pending more real world testing.
-
-
OSJ-332Getting issue details...
STATUS
- Recently noticed somebody marked this as fixVersion = 4.1.0. Not me, and based on his comments probably not Scott... The OP? Do we even want to do this?
- Are people using any local config in Eclipse to warn on fatal Javadocs errors? If there is a config that makes sense, should we consider putting that in as .settings as per-project config?
Daniel
- Nothing for today.
Henri
- Testing, minor fixes and Alpha releases for the OP plugin
-
-
JOIDC-42Getting issue details...
STATUS
- Progressing well: some minor improvements needed to make test suite happier: e.g. (back-channel) error message contents
Ian
- - IDP-1761Getting issue details... STATUS
- - GEN-276Getting issue details... STATUS
- Consequent on GEN-276, inventorying keys and thinking about improvements.
John
- cpp-linbuild:
- enabled Docker image rebuild upon build script changes
- factored RPM macros out of Dockerfiles
- working on implementing "clean" targets
Marvin
Phil
- Sorted my PGP key. Thanks to Ian for all the help.
- - JDUO-31Getting issue details... STATUS
- - JDUO-34Getting issue details... STATUS improve field/state guarding for shared classes.
- Released 0.9.1 of the Duo plugin, and 0.0.3 of the oidc-common plugin.
Rod
- Nothing of note (a couple of installer fires)
Scott
- - SSPCPP-911Getting issue details... STATUS
- - IDP-1756Getting issue details... STATUS
- Finished first round of OIDC docs
- Started testing with mod_auth_oidc
- - JOIDC-36Getting issue details... STATUS
Tom
- nothing really, clearing space to dig into testing
Other