Skip to Content.
Sympa Menu

mw-announce - Shibbing News for November, 2004

Subject: Middleware Announcements

List archive

Shibbing News for November, 2004


Chronological Thread 
  • From: Renee Frost <>
  • To: ,
  • Subject: Shibbing News for November, 2004
  • Date: Thu, 18 Nov 2004 12:45:52 -0500

Shibbing News -- Nov. 18, 2004

Index:

Project Information
# Shibboleth v1.2.1 is NOW Available
# Shuibboleth v 1.3 update
# E-Authn Status
# IdP Installation Checklist now Available

Vendor Info
# Elsevier
# OCLC update

Partner Info
# JISC Shibboleth Update
# International Meeting: Authentication and Authorization Infrastructure
# Grid Shib update / NMI Awards

Reports / General Info
# EDUCAUSE Quarterly Article on Shibboleth
# Burton Paper


Upcoming Meetings / Presentations
# CNI presentation in December
# Inside ID Mtg - Ken Klingenstein presentation


# Shibboleth v1.2.1 is NOW Available
Shibboleth v1.2.1 is now available. This point release includes many bug fixes. In addition, there are two notable additions to the packaging: 1) the SP (target) implementation in this version will build and run on Mac OS X (the IdP (origin) implementation already ran on OS X), and 2) RPMs are being provided to simplify the installation of the SP (target) side on Fedora Core. RPMs are available on the Shib distribution site for the dependencies as well as the Shibboleth components.


# Shibboleth v1.3 update
Shibboleth version 1.3 will be rolling out early next year. We wanted to alert people to this and to point out some planned enhancements in this version which will include many feature and functionality enhancements, including completing the support for having a single copy of the HS/AA be a member of multiple federations, extensive refactoring of the code in anticipation of upcoming work to provide interoperability with IBM and Microsoft's WS-Security framework, and support for use of Shibboleth by the Grid Security Protocols and LionShare. This version will be certified for use within the US Federal E-Authentication initiative.


# E-Authn Status
The Shibboleth Core team recently successfully completed Phase One of its Federal E-Authentication pilot project. A modified version of the Shibboleth v1.2 software successfully interoperated with test sites operated by the federal E-Authentication Labs. Phase Two of this project will integrate this support into a standard Shibboleth release (v1.3, currently slated for release in March, 2005), and ensure that this version passes the E-Authn Certification tests. Phase Two will also work to align the policy and trust models used by E-Authn and the InCommon Federation.

E-Authn certification would mean that campuses could use the Shibboleth software, and the InCommon federation, to interact with Federal government web sites. For instance, it is expected that the NSF Fastlane site will be accessible via E-Authn, and thus researchers on "shib-enabled" campuses would be able to easily and more quickly manage interactions with NSF and other federal agencies.


# IdP Installation Checklist now Available

We've now run several InstallFests -- 4-5 hour sessions designed to help campuses get a pilot IdP installation operational quickly and effectively. We're now publishing the "Checklist" that we've been giving to attendees; its proven to be a very effective tool for session attendees and we think that it would be useful outside of the session context. This collects and condenses information that is currently found in several sources, and presents the information in a "cookbook" approach. The Checklist does not contain any of the reference material currently found in the deploy guides. The Checklist, of necessity, removes some of the flexibility and choices that sites would ordinarily have during the installation process; in return, it provides a single complete step by step description of an installation and configuration within the InQueue federation. the checklist is available at http://shibboleth.internet2.edu/guides/identity-provider-checklist.html .


# Elsevier
Elsevier's ScienceDirect recently completed its pilot project to deploy and test Shibboleth with a small group of campuses including Dartmouth College, Georgetown University, New York University, Penn State, and UC, San Diego. This will ensure ScienceDirect is in a good position to make Shibboleth authentication available to a wider audience and helps Shibboleth and the InQueue/InCommon federations move forward. ScienceDirect will be willing to work with any site that wishes to begin using Shibboleth-enabled access. If you would like to begin using Shibboleth enabled ScienceDirect please contact Niels Weertman <N.Weertman at elsevier.com>.


# OCLC update
OCLC will soon be upgrading to Shibboleth 1.2 and will change the URL for shib-enabled access to FirstSearch. The URL has been http://s-pilot.dev.oclc.org:1441/FirstSearch/ or https://s-pilot.dev.oclc.org:1991/FirstSearch. It will change to http://shib.dev.oclc.org:2080/fs/ or https://shib.dev.oclc.org:2443/fs/. OCLC will be using InCommon for their production environment.

For more information contact Eva Allen < allene at oclc.org>.


# JISC Shibboleth Update
The PERSEUS team at LSE (with valuable help also from James Sankar of UKERNA and Terry Morrow) helped organize a Shibboleth InstallFest as a technical workshop for the JISC Core Middleware Projects. John Paschoud, says "It was a great pleasure to see Nate Klingenstein and Walter Hoehn of Internet2 again (who were 'imported' to run the workshop - most expertly), and to show them a few bits of 'quaint' English culture on their first visits to the UK." In addition to the successful practical outcomes, the event was a valuable learning experience to feed into future development of the JISC Core Middleware Infrastructure project.

Information provided by John Paschoud, Project Manager, PERSEUS, London School of Economics & Political Science.


# International Middleware Meeting: Authentication and Authorization Infrastructure
An international peering meeting was held in the Cotswolds, UK, October 14 -15 to discuss interconnecting national authentication and authorization infrastructures to support the research and education community internationally. It was attended by representatives from Australia, Finland, the Netherlands, Spain, Switzerland, UK, US and CERN. Documents, experiences, and issues relating to national federations were shared. Issues included agreeing on policy framework, comparing policies, correlating application usage to trust level, aligning privacy needs, working with multinational service providers, and scaling the WAYF function. Discussions focused on Internal Federations, Inter-Federations, and Union of Federations. Major outcomes included assembling a "cookbook" or guidance documentation, establishing a website for communication, and potentially establishing a short term position to coordinate the activities.
http://www.incommonfederation.org/docs/other/Intl-middleware-oct-2004.html


# Grid Shib update / NMI Awards
The Division of Shared Cyberinfrastructure in the Directorate for Computer & Information Science & Engineering of the National Science Foundation has recently awarded the Univ.of Chicago and the National Computational Science Alliance (NCSA) funding for a "Policy Controlled Attribute Framework." These projects will integrate "GSI and Shibboleth to form a robust attribute infrastructure for campus environments to enable secure verification of user attributes by inter-institutional Grid users." More information will be coming out soon from the receiving organizations.

The award abstracts can be seen online at:
http://www.nsf.gov/awardsearch/showAward.do?AwardNumber=0438424
http://www.nsf.gov/awardsearch/showAward.do?AwardNumber=0438385


# EDUCAUSE Quarterly Article
The new Shibboleth article is out in volume 27 Number 4 of the EDUCAUSE Quarterly. The article is available online at the address given below.

"Federated Security: The Shibboleth Approach" By R. L. "Bob" Morgan, Scott Cantor, Steven Carmody, Walter Hoehn, and Ken Klingenstein
http://www.educause.edu/ir/library/pdf/eqm0442.pdf
http://www.educause.edu/pub/eq/eqm04/eqm0442.asp


# Burton Paper
As part of its Directory and Security Strategies Overview, the Burton Group released a document on Shibboleth. Principal Consultant Doug Simmons reviews the Shibboleth standard, its current implementations, its relationship with existing standards, and its future. Burton Group focuses on "offering in-depth analysis of infrastructure technologies. Burton Group's unbiased, in-depth, technical research and advice helps IT technologists and architects make smart enterprise architecture decisions in increasingly complex environments."

The document can be found at: http://www.burtongroup.com/research_consulting/doc.asp?docid=899 Please note that you need to be a Burton subscriber to access the document. We understand that many member sites do have subscriptions, so you might check around your campus to see if there is a subscription allowing you to read this document.


# CNI presentation in December
The Coalition for Networked Information (CNI) will hold it's winter meeting on December 6-7 in Portland, OR. This is a reminder to those who will be attending that there are plans for a middleware update including current status and future plans for Shibboleth to be presented by Nathan Dors, University of Washington. Be sure to attend to catch up on the latest information.

For information about the meeting see: http://www.cni.org/tfms/2004b.fall/index.html

# Inside ID Mtg - Ken Klingenstein presentation
The Inside ID Conference in DC on Nov. 15 - 17 included a track on Models of Federated ID and Web Services. Ken Klingenstein was invited to present on InCommon: A Shibboleth-based Research and Education Federation. For more information:
http://www.jupiterevents.com/insideid04/agenda2.html#130-1

"Inside ID Conference & Expo helps define and nurture the evolving discipline of modern identity management, covering some of the most pressing challenges of our uncertain world including: digital identity, homeland security, identity theft and financial transaction fraud." -- Inside ID Conference web site


Renée Woodten Frost
Associate Director, Middleware and Security
Internet2
3025 Boardwalk Suite 200
Ann Arbor, Michigan 48108
phone: 734-913-4293 fax: 734-913-4255



  • Shibbing News for November, 2004, Renee Frost, 11/18/2004

Archive powered by MHonArc 2.6.16.

Top of Page