Attendees
Johan, Giuseppe, Ivan, Heather, Matthew
Regrets
Scott, Roland
0 - Agenda bash
1 - Administrivia
a. Summer call scheduling - next call 9 August 2022
b. mailing list/website
Ivan fixed the mailing list links, but it highlights that we should think about how the website is organized and consider making it look more like a documentation website along the lines of an FAQ; we can have each question and answer as a PR to the website. Some concern that the answers may be complicated, which won't translate well to a website, but we can try this out and see how it looks. Giuseppe has opened several issues that we can experiment with. Developers would prefer this kind of documentation in documentation files rather than elsewhere, but we don't have a documentation site suitable for this (yet).
2 - Frameworks and Storage
Re: storage - we can either treat this as a key/value store, which gives users the opportunity to choose their own backend storage, or we can require specific storage and take advantage of its features, thus tying us to specific platforms.
Re: framework - Ivan is leaning towards FastAPI; it is gaining in popularity and is light/flexible. We will use its tutorials on how to connect to a database. There are choices in the ORM space. This would prevent us from using Redis.
3 - GitHub review
a. OIDC -
https://github.com/IdentityPython (JWTConnect-Python-OidcRP, JWTConnect-Python-CryptoJWT, etc)
Need to consider having the develop branch as the default branch. Things are being merged to the wrong branch.
Roland is working on the refactoring of the RP code. Likely will see more work on this in September.
There are some PRs open around revocation and client credentials. For the client credentials, it's unusual because there is no user; the PR uses the client ID as the user ID.
b. Satosa -
https://github.com/IdentityPython/SATOSA
Some new interest from people Giuseppe introduced at TNC22. Ivan has offered a list of where we need development assistance:
AEGID (sp?) in Italy has started using Satosa to act as the proxy between Italian infrastructure and eIDAS.
Satosa image that Matthew created is going to be the default image.
Changes around the cookies have not proceeded yet.
c. pySAML2 -
https://github.com/IdentityPython/pysaml2
Big changes coming up on formatting (not functionality). Important parts are the make file and config; will be using poetry. Expect to submit the MR in the next week or so.
pySAML2 includes XML templates via manifests. When we switch to poetry, we will need to make sure that these files are properly included.
re: the project to replace xmlsec1, Ivan is still working on that. Needs to write the tests for the new code.
pySAML2 is in the top 1% of packages downloaded from PyPI.
d. Any other project (pyFF, djangosaml2, etc)
New djangosaml2 release earlier this month. Now compliant with the latest releases of Django; dropped some features that are no longer required. (https://github.com/IdentityPython/djangosaml2/releases/tag/v1.5.1)
4 - AOB
OIDF and idpy - is there an opportunity to share something wrt compliance testing around OIDC Federation?
https://github.com/oauthstuff/draft-selective-disclosure-jwt - Giuseppe has started to contribute to this draft. Should we consider splitting the code in our documentation from the specification?
SSI work? Ivan still has the task to go through the requirements and consider how we can build a new library in idpy. Remember to review
https://ted.europa.eu/udl?uri=TED:NOTICE:309685-2022:TEXT:EN:HTML&src=0 for the requirements of a reference implementation.