Shibboleth Developer's Meeting, 2022-10-21
Call Administrivia
09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2022-11-04. Any reason to deviate from this?
60 to 90 minute call window.
Call Details
This week's call will use the Zoom system at GU, see ZoomGU for access info.
AGENDA
Decision on destroy methods in bean files - default it or explicitly set it?
(if time) Signing keys/supply chain attack defense
Attendees:
Brent
- JSSH-16Getting issue details... STATUS
Refactoring in progress. Large chunk of java-shib-shared done. Have to do a deeper dive into some changes around TLS.
Daniel
Henri
Offline today
Ian
Spring Framework 6.0.0-RC2 and Spring Boot 3.0.0-RC1 are out. GA will be next month. No statement on SWF yet.
MDA 0.10 in progress.
John
Updating Amazon Linux images
Fargate builder
Marvin
Phil
RP docs and code cleanup
Thinking about adding a keyset endpoint to the RP like the OP - a bit more involved than I thought, but perhaps should target this for v1?
Thinking about dynamic registration - but not confident I could get that in place for v1.
Thinking about UserInfo response formats - it can be either a plain JSON object or a JWT. Signalled by Content-Type header. But this could be manipulated, not sure this is much of a problem but I have added a setting to force JWT types only (off by default so supports either).
Fixed up the assembly, so can be installed as a plugin to a running IdP - tested it with a fresh plugin build and sign of the commons lib.
Rod
Scott
Xerces 3.2.4 patch
Likely officially moving project to requiring C++-11
- JSSH-9Getting issue details... STATUS
Overblown but we don’t reference impl classes anymore and I did modernize the Java random APIs
- IDP-2023Getting issue details... STATUS
Likely the biggest hassle for upgrades to V5
- IDP-1935Getting issue details... STATUS
Worked around this issue for now, I think we want to open up more of the decryption APIs in V5 to be Criterion-based
SP is being brought up to date after refactor, adding components for metadata, attribute handling
Tom
updating certs in integration tests for V5