Shibboleth Developer's Meeting, 2023-05-05

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2023-05-19. Any reason to deviate from this?

60 to 90 minute call window.

Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

1. OP/RP plugin release

2. V5 docs, link edit issue

3. SSPCPP-969: cpp-linbuild manifests do not match actual RPM/SRPM productsResolved

4. IDP-2002: Migrate all unmanaged config files into core moduleClosed

   1. Test implications

Attendees:

Brent

• IDP-2069: Null Handling TaskClosed

  • per Scott’s request, reviewing what else needs to be done in ConfigurationService and related, and metadata resolvers

• OSJ-362: Add support for dynamic config to DecrypterClosed

  • Have a tentative plan, need to prove it out. Details in the issue.

Daniel

Henri

• JOIDC-152: Implement maximum refresh time and/or maximum refresh uses.Closed

  • First time for me to deprecate a property and a profile configuration option

  • Trickiest part was to find a way to log about the use of MDDriven property

• JOIDC-154: Improve authorization_code replay revocation lifetimeClosed

  • Misleading WARN-line in the logs due to wrong XML-wiring - Still in-line with what we’ve documented

• For the release

  • Documentation for the security configuration - commons or OP?

  • Release notes should cover clear steps how to update the old custom security configuration into a new format

Ian

• Debian 12 (Bookworm) GA is 2023-06-10.

John

• SSPCPP-969: cpp-linbuild manifests do not match actual RPM/SRPM productsResolved

  • Tested package renaming via Obsoletes on all six supported platforms

  • Various minor SPEC improvements

  • Identified latent conflict with xerces-c on Amazon Linux 2 (mainly)

  • Need input on conflict avoidance approach and relative naming for libraries vs binaries (xerces-c, xml-security, and opensaml)

• Bump Amazon Linux images

Marvin

Phil

• Getting the RP ready for release.

  • Deployed to test IdP

  • Deployed alongside OP

  • Certification suite testing: JOIDCRP-27: OpenID Foundation conformance suite testingClosed

Rod

• code tidy

  • Warning removal

  • Making use of newer helper method (e.g. JSSH-27: Implement an ensureId method to help with nullability annotationClosed

  • JSSH-30: Consider removing the LazyMap/Set/ListOpen

• Back burner task thinking about V5 installer

  • Need to gather requirements

  • Where are we on Modules?

Scott

• IDP-2083: Treat NonnullElements as the default for collectionsClosed

  • Gradually reviewing packages and then annotating. Goal is eventual elimination of use of annotation outside of packages and removal in most cases of additional null checking from collections.

  • Adding missing annotations and thus making additional cleanups during reviews.

• V5 documentation

  • Did some work on SystemRequirements page, needs more work

• Some IdP backlog

Tom

Other