shibboleth-dev - more questions, self service app to maintain Club Shib metadata
Subject: Shibboleth Developers
- Subject: more questions, self service app to maintain Club Shib metadata
- Date: Thu, 17 Feb 2005 12:08:32 -0500
This continues to move forward. As previously mentioned, it will be using the SAML v2 metadata format to describe federation members. Shib v1.3 will support this metadata format (and we think there will be a plugin available for v1.2 to allow it to use this format).
There's a big question that I'll put in the next note (which metadata elements should the program display, and allow people to enter when they register with the federation).
Here's a set of other questions:
1) We decided to provide simple security. When you register, enter a userid and password. To edit or delete your entry, you'll need to remember your userid and password.
-- Can we reuse one of the SAML data elements as the userid? The entityID? Or just have people create something that looks more like a userid?
-- How to do authn? The app runs within Tomcat, and it makes a lot of sense to leverage Tomcat's authentication functionality, if at all possible. Use Tomcat form authn, and have it use a local file with userids and passwords?
-- The app is currently using paths like this -- InSecure-Proto/newEdit.do -- to enter the various functions. Could Tomcat authn be associated with some functions (e.g. newEdit), but not others (e.g. Register)?
-- How do we want to handle the trust fabric? Just include self-signed certs right in the metadata entry?
-- How much help text (describing the various metadata elements) do we want to provide? About the same amount we currently provide on the IQ register pages? More, less?
-- Do we want to add any graphic or logo elements to the pages?
- more questions, self service app to maintain Club Shib metadata, Steven_Carmody, 02/17/2005
- RE: more questions, self service app to maintain Club Shib metadata, Scott Cantor, 02/17/2005