[Idpy-discuss] Notes: idpy Developers Call, 12 March 2019
roland at catalogix.se
Tue Mar 12 13:43:49 UTC 2019
Sorry, missed the call due to DST skew :-/
Christos a while ago talked about the need to be able to return user information in the ID Token as a default.
In another project the same need had arisen so now I’ve almost done implemented it.
> On 12 Mar 2019, at 14:23, Heather Flanagan <hlflanagan at sphericalcowgroup.com> wrote:
> Johan, Heather, Ivan, Rainer
> Project updates
> Not much on the public repos. There has been quite a bit of work on eduTEAMS, which has a lot to do with microservices and how they use Satosa. Also has impact on the OIDC libraries.
> Did do a fix for an issue Scott had with regards to how XMLsec errors were handled. First fix sent the code into an endless loop (oops) but latest patches should be fine. This patch will generate a new release, based on the new way we have agreed to generate releases.
> Release process
> We will cut a new release and it will be tagged with a branch. Community maintainers will work in the branch space, and core developers will work on the master branch. Latest release for pySAML is 4.6.5. Ivan will cut a new release (4.6.6) and then that branch will be incremented by the community maintainers (220.127.116.11 for first change).
> Alternatively, Ivan could cut a 4.7 release, and community maintainers would maintain the minor release numbers only. This seems to make more sense; Ivan will do this.
> Description of the release process text is copied in each repo. Heather to update it and pull that back into one location so that we only have to change it in one place.
> Next on the list for Ivan: Satosa and pySAML2
> Fixing redirect binding and some options set in Satosa but which are configured in pySAML2 (how we handle sign_assertion, sign_response, sign_alg, digest_alg). This is the same issue we’ve been talking to Martin about; this impacts eduTEAMS, SURF, and others.
> Ivan will cut another release later this week with the fixes for above included. (This will be edition to the release today that fixes xmlsec)
> Another issue: https://github.com/IdentityPython/pysaml2/issues/592 <https://github.com/IdentityPython/pysaml2/issues/592> do not properly check the certificate as a result of some of the configuration options. Will be changing the default values to require this checking; that may break some existing implementations. Ivan will be investigating further. This more a misconfiguration than a security issue.
> Reminder: we’ll have another call in a week; Daylight Saving Time skew will still be a problem so check your calendars!
> Idpy-discuss mailing list
> Idpy-discuss at lists.sunet.se
Can anything be sadder than work left unfinished? Yes, work never begun. -Christina Rossetti, poet (5 Dec 1830-1894)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Idpy-discuss