5:04 p.m.
Attendees:
Giuseppe, Ivan, Johan, Roland, JohnP, Scott, Heather, Peter
1 - GitHub review
a. OIDC - https://github.com/IdentityPython
Released 2.0 a few weeks ago
(https://github.com/IdentityPython/oidc-op/releases/tag/2.0.0) Discovered some backward
compatibility issues that are being addressed; 2.1.0 will be released this week. These
issues were not discovered in testing and impacted eduTEAMS in particular. We can add them
in tests now that we're aware of them. Community is always encouraged to help with
testing prior to releases.
What might also help: if the eduTEAMS project had routinely been making code available for
others to use, some of this could be avoided as there would be more eyes on the work
Question about the OIDC front end: idpy does not maintain pyOP; we encourage people to
look instead to oidc-op. For Satosa, we don't have another choice at this time. By
default, we promote the new one, but it is possible to create a module to use the old one
that uses pyOP. We don't really have a date for the changes as it depends on
eduTEAMS.
Question about identity assurance
(https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html) Roland has most
of the code, but there are handling issues. Example: if you get the information from
different sources, they will verify information in different ways and you'll need to
keep those separate. Roland expects to have something in another week that people can use
to start testing. Assurance may relate to having a digital wallet; we haven't
considered this much in the overall architectures for idpy. What about WebAuthn? Giuseppe
has a PoC.
Question about logout: this is an ongoing challenge, and logout has known issues. Until
those are a bit more clear in terms of what can be supported, not sure it's useful to
build logout models into Satosa.
b. Satosa - https://github.com/IdentityPython/SATOSA
Satosa and microservice from Peter
Gietz: https://gitlab.daasi.de/didmos2/didmos2-auth, https://gitlab.daasi.de/didmos2/didmos2-auth/-/tree/master/src
Please send additional updates and questions to Slack
c. pySAML2 - https://github.com/IdentityPython/pysaml2
Please send updates and questions to Slack
d. pyFF - https://github.com/IdentityPython/pyFF
Please send updates and questions to Slack
2 - Discussion
FYI - work is continuing on creating the W3C FedID Community Group. Draft charter is
here: https://github.com/hlflanagan/fedidcg. Will have a call to discuss the charter on
July 6 @ 13:00 UTC.
Thanks! Heather