Shibboleth Developers

[Walter Hoehn <>]

On Oct 5, 2004, at 12:01 PM, Ian Young wrote:
> Has a definite decision been made yet about version compatibility 
> going forward?  In particular (given availability of suitable 
> metadata, take that as given):
>
> (a) when there is a 1.3, will it interwork with 1.2?

Definitely.

> (b) when there is a 1.3, will it interwork with 1.1?

Probably.  We would strongly prefer to deprecate 1.1 support as soon as 
possible, but don't want to pull the rug out from under anyone.  So, we 
intend to leave 1.1 support in the 1.3 code unless we can verify that 
our core constituencies are all off of 1.1 by the release.

Going forward, a 2.0 release would, I'm sure, support interoperability 
1.2/1.3 but not 1.1.

> I'd like to know that the answer to (a) was "yes", so that we can 
> build federations and not have to persuade everyone to have a single 
> "flag day".
>
> I think, though, that I'd like to know that the answer to (b) was 
> "no", as I have some concerns about version rollback attacks and the 
> sheer complicated business of keeping the number of protocol variants 
> in check.  Not perhaps the most important reasons, but removing the 
> legacy code (and the documentation of the legacy modes of working) 
> seems to me to be a real plus.
>
> Are there definitive answers to these questions yet?
>
>         -- Ian

Attachment: smime.p7s
Description: S/MIME cryptographic signature