Shibboleth Developers

["Scott Cantor" <>]

> I would note that Scott continues to add items to the shib wiki, and 
> that some of the  new items are relevant to  the v1.3 design 
> discussions. (here are also items that seem  to be in the FAQ 
> direction.) A log of recent changes is available here:
> 
> https://authdev.it.ohio-state.edu/twiki/bin/view/Shibboleth/WebChanges

The recent one is an AttributeAcceptancePolicy topic that corresponds to a
rewrite of the C++ AAP plugin that I just checked in. This should address
most of the requirements I got from the UK about separating attribute
definitions from SP policy. I'll probably throw a Java port together this
week.

> One goal for this week should be to reach consensus on the validation 
> issues that triggered so much email last week.

I'm not sure that the opposing viewpoint to validation has seen anything
compelling in terms of what "leverage PKI infrastructure" really means, but
I'm not really interested in belaboring this. As long as people understand
that the *only* key that matters at all is the metadata signer, I guess
people can do what they like.

I will produce a schema for the CA extensions today or tomorrow and post
that for discussion. It will probably resemble the current trust elements,
so no shocks expected.

-- Scott