Attendees: Ivan, Heather, Giuseppe, Johan, Roland, John, Hannah, Matthew, Christos, Leif Regrets: Scott 1 - Status of documentation Hannah is still working on the pySAML2 documentation. Scott K is working on reorganizing the documentation he’s written on GitHub (how readthedocs is organized and presented) No update on the architecture documentation, but it is coming up in priority. Board considers documentation (both user and developer) critical as a way to grow the community. 2 - GitHub review    a. OIDC - https://github.com/IdentityPython (JWTConnect-Python-OidcRP, JWTConnect-Python-CryptoJWT, etc) Regarding documentation, we need a central site that describes how it all fits together. Could we use readthedocs for this? Possibly, but we would need link from the project sites to the documentation site. We have some new people programming in this space: Ori Mizrahi and David Hess. Roland is working with the session management backend.This is mostly working; focusing on the tests now to make sure it works in all cases. When that’s done, it will be very different from the old version. Documentation will be absolutely required (background, design choices, how to use it in context). See branch “new session handling” in https://github.com/IdentityPython/oidcendpoint    b. Satosa - https://github.com/IdentityPython/SATOSA Within eduTEAMS, had an incident that may be related to the memory leak. Unclear, and no more info is available. We have a contribution for an apple signing backend.    c. pySAML2 - https://github.com/IdentityPython/pysaml2 Ivan is working through the algorithm PRs (744 and 745). They aren’t quite passing tests, but as soon as those are sorted, they will be merged. • https://github.com/IdentityPython/pysaml2/pull/744 • https://github.com/IdentityPython/pysaml2/pull/745 Namespace prefix changes to make them more readable. This is mostly a “nice-to-have”. • https://github.com/IdentityPython/pysaml2/pull/326 • https://github.com/IdentityPython/pysaml2/pull/625 Priority list: • Make algorithms configurable, enforcing the policies (see  https://github.com/IdentityPython/pysaml2/pull/744 and 745) • Getting away from xmlsec1 and instead working in memory. Expect we will switch to lxml. • Architecture documentation AOB • At the Board meeting, we talked about normalizing some things across all projects. Example: documentation using readthedocs; how we manage changes and versions (e.g., semantic versioning); change logs. The group needs to discuss this further. We need to add these to future agendas (and to the mailing list) for discussion. • The goal isn’t to enforce this harmonization immediately, but to give each project a direction to start making changes. • If we use readthedocs, it is structured by projects, so even general documentation will need to be structured as a “project" • For change logs, there is what’s automatically available with a revision control, but that doesn’t always describe adequately what actually happened. What may be more useful would be a set of release notes. The release notes should be enough to explain what’s going on to someone deploying the package, and gitlog is what you need as a developer to understand what’s going on. We have discussed this and semantic versioning at a TIIME meeting in 2019. pySAML is not using semver because they decided to have Ivan only work on the current/future work, and only back ports handled the patch version. • Ivan will post a summary and a recommendation around this discussion re: versioning and change logs to the list. Thanks! Heather