[Idpy-discuss] Notes: idpy developers call, 13 November 2018

Nick Roy nroy at internet2.edu
Wed Nov 14 18:53:24 UTC 2018

Hi all,

Internet2 is waiting to deploy a new version of Satosa to allow us to integrate with any IdPs in SURFconext, and that is dependent upon PR 485 getting merged and a new release cut. Will that still be happening today?

Thank you,


On 13 Nov 2018, at 7:46, Heather Flanagan wrote:

> Notes:
> Attending: Heather, Ivan, Roland, Jonas L., Davide
> Regrets: Scott, Martin, Christos
> 0. Agenda bash
> 1. Governance update
> Board has the kick off call today.
> 2. idpy developers meeting @ TIIME
> - agenda building
> Handling of micro services (Satosa)
> Handling logging, esp. with plugins (Satosa)
> Handling of XML (pySAML)
> Action: Heather to ask Rainer about having a side meeting
> 3. PR review
> - Satosa (Satosa PRs - https://github.com/IdentityPython/SATOSA)
> Ivan has been working on changing the internal hashing mechanisms; it is all backward compatible but you will get deprecation warnings (PR 196). Now have a new micro service called “hasher”.
> Also worked on OIDC frontend/backend and using self-signed certificates. (PR 197)
> eduTEAMS now only has one commit difference from main branch. (PR 182) Ivan will be working on that soon so that eduTEAMS can be using the main Satosa repository.
> A new Satosa version will be released tomorrow; big change log.
> - pySAML2 (https://github.com/IdentityPython/pysaml2)
> Johan had two PRs regarding Unicode attribute values that needed to be either encrypted or signed. There may be some refactoring of this in the future.
> Ivan is now working on PR 396, related to having the ability to specify which signature or digest method you want to use (right now you can only do that via the configuration file).
> Martin has a new PR (556) around the internal attribute conversion between names and friendly names. Ivan agrees with those changes and will be merging soon.
> Scott has added tests to PR 485. Ivan will be merging this soon and cutting a release.
> Some new issues have been reported. 555 suggests that we put every name in the root name space, but that doesn’t quite work in real life.
> XML and XML operations - Ivan had proposed we use a separate module to handle XML operations, which would also allow us to switch XML back ends.
> - pyFF (https://github.com/IdentityPython/pyFF)
> Leif will be working on separating this code into more discrete components (e.g., discovery will become separate).
> - Governance docs (https://github.com/IdentityPython/Governance)
> 4. AOB
> OIDC federations - would like to run pilots soon. There is a python implementation, but that’s it. Would like to have Satosa be able to handle OIDC federations. If there is a priority list of what will be done soon, Roland would like to see OIDC federations high up on that list. Roland has running flask instances for the RP and OP; it should be fairly straightforward to do something. Not sure about the interface between the front end and Satosa itself. Ivan would like to see this too, though it hasn’t been prioritized yet. Note that Davide is also interested in this effort. Suggest Roland and Ivan have a separate call next week to discuss further.
> Another project is underway within AARC that will depend on Satosa: Evaluating assurance. Expect additional PRs related to this effort.

> _______________________________________________
> Idpy-discuss mailing list
> Idpy-discuss at lists.sunet.se
> https://lists.sunet.se/listinfo/idpy-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sunet.se/pipermail/idpy-discuss/attachments/20181114/d7676ba9/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 512 bytes
Desc: OpenPGP digital signature
URL: <http://lists.sunet.se/pipermail/idpy-discuss/attachments/20181114/d7676ba9/attachment.sig>

More information about the Idpy-discuss mailing list