Shibboleth Update Fall 2012 - Product Changes and Project Priorities
Fall 2012 brings changes to the Shibboleth team with Chad moving on to a new job opportunity, Tom Zeller joining as IdP lead, and Ian Young taking over Metadata Aggregator responsibilities. The IdPv3 project is facing impacts on scope and schedule, emphasizing the need to deliver a development plan to the Consortium Board while addressing resource gaps. The Service Provider 2.5.0 release is progressing smoothly, with an upcoming patch update to resolve issues. Updates on SAML, GSS-API, ISOC, NCSA, and more highlight evolving specifications with a focus on authentication methods and identity management. The takeaway emphasizes a proof of concept stage with continuous evolution of specifications and complementary overlaps with Project Moonshot.
Presentation Transcript
Shibboleth Update Fall 2012
Ch-ch-changes
- Chad moving on to new job opportunity, requires realigning product responsibilities and reviewing roadmap
- Tom Zeller coming on board as IdP lead
- Ian Young assuming responsibility for Metadata Aggregator
- Other roles largely the same
IdPv3
- Scope and schedule inevitably impacted
- Priority for project team is delivering a dev plan to the new Consortium Board this month
- Identify resource gaps, then adjust plan or find resources
Service Provider
- 2.5.0 release smooth apart from traditional packaging foibles
- Pending outcome of an issue under investigation, End of Life for V2.4.3 will be Nov 30th
- 2.5.1 patch update under development to address Apache 2.4 support, other bugs as time permits
SAML ECP + GSS-API/SASL + ISOC + NCSA = SSH, IMAP, LDAP, XMPP, NFS, AFS
SAML ECP in GSS-API
- https://wiki.oasis-open.org/security/SAML2ChannelBindingExt
  - Authentication of TLS client/server session via SAML IdP
- https://wiki.oasis-open.org/security/SAML2EnhancedClientProfile
  - Backward-compatible profile adding channel binding, holder of key security, session key establishment
- http://tools.ietf.org/html/draft-ietf-kitten-sasl-saml-ec
  - GSS-API mechanism allowing use of IdP with ECP
  - Expose SAML identity via GSS-API Naming Extensions
  - SASL support via GS2 bridge mechanism
Takeaways
- Proof of concept stage, specs still evolving
- No browser for authentication, no implicit web-based flows alongside the real ones
- Strong complementary overlap with Project Moonshot:
  - client UI and IdP provisioning
  - GSS client and server changes
  - use of SAML-based identities, GSS naming extensions likely to share code