Shibboleth Developers

[Scott Cantor <>]

> 1) Current programming issues/questions
>       what programming still has to be done for v1.2?

Will try to make call but I expect to get called for a trial sometime early
afternoon unless I get lucky.

There is a ton of programming left, but I'm making progress. All of the
pluggable behavior in the 1.1 target is pushed into a new extension library
so it can be updated or patched independently as well as replaced by other
communities (grid, etc). I have revised APIs defined that all targets (C++,
Java, etc.) should use for access to metadata, credentials, trust
evaluation, 

The new APIs push more of the SAML trust decisions into the extension
library and out of the main code libraries. The metadata API is also modeled
after Liberty/SAML metadata based on current proposals and should be close
enough that the final spec metadata format can be mapped into the API
somehow.

I have recoded all but the trust piece (and added support for CRLs) and am
working on that now, should be done next couple of days and then I can piece
everything back together for testing and check it in. I have the credentials
stuff ported over to Walter's format for specifying Credential Resolvers.

Once that's all done, the XML config file has to be implemented and plugged
into the system. I'm saving that for last because it's invasive but not that
sophisticated, and I want to get the hard stuff working first.

I have left the 1.x "Sites" file alone and have mapped it to the new API so
that we can plug in SAML 2.0 metadata later. It should be possible to hack
it all together and get all the versions to speak with each other with
Walter's compatibility changes. The "Trust" file is changing but it's
relatively static, so I don't think publishing both the old and new format
is a problem for our current federations and I don't expect 1.1 to last that
long anyway.

-- Scott