shibboleth-dev - shib - possible contents of the next release
Subject: Shibboleth Developers
List archive
- From:
- To:
- Subject: shib - possible contents of the next release
- Date: Wed, 14 Jan 2004 11:30:45 -0500
These lists are based on my notes from the conf call discussion ten days ago, as well as reviewing email describing changes that have been made over the last six months.
NOTE: this next release (v1.2 ?) will be able interoperate with shib v1.0 and shib v1.1
1) support for apache-2
2) announce support for W2003 as a target platform
3) finalize the implementation of the trust fabric, and improve the management of trust data and credentials. When targets receive a HTTP request forwarded from an origin site Handle Service, they will remember which Federation the origin site belongs to. Targets will use that Federation's trust file to validate the received credentials, and will use the target's credentials within that Federation when contacting the origin site's Attribute Authority.
? In preparation for supporting a multi-federation origin, the origin will manage trust and credentials using the same files as the Targets.
? Syntax and directives for Target side configuration will change (but hopefully will now remain stable for a while).
4) Improvements to the WAYF (lively discussing coming out of yesterday's discussion with campuses; hopefully, some easy-to-implement suggestions will appear....)
5) Recommendations on how to operate a robust Federation
6) Support for Application Domains within Targets. App Domains will be referenced with URIs, both within target side configuration files and within ARPs.
7) Provide vastly improved support for the AA's use of an SQL data source.
8) Include additional attribute definitions in the distribution files (eg targetedID ?)
9) Provide support for Audit logging
10) Document suggestions on configuring an origin for improved performance
11) Many important bug fixes.
Questions:
1) say anything, do anything about vhost support?
2) do we anticipate having to include any code in the AA, to support expected functionality in the ARP GUI?
3) any policy-related stuff related to name identifiers.....? (AI - Walter email to list)
4) Provide a dynamic method for setting authMethod?
5) ARP-aware resolvertest?
This release will NOT include:
1) the native java target implementation
2) the web-based ARP GUI
3) Multi-federation origin.
- shib - possible contents of the next release, Steven_Carmody, 01/14/2004
Archive powered by MHonArc 2.6.16.