[Shib-Dev] 7/4 Meeting Agenda

0 views
Skip to first unread message

Chad La Joie

unread,
Mar 31, 2011, 8:49:56 PM3/31/11
to shibbol...@internet2.edu
When: April 7, 1600UTC

Agenda:
- IdP v2.3 Update (Chad)
- Testing frameworks and methods in OpenSAMLv3, IdPv3, etc.
(Rod, Brent, Chad)
- Update on WebFlow usage in IdPv3 (Chad)
- Updates from IETF (Scott)
- AOB

Dial In Information:
Via Skype: +9900827048693800 (you must include the '+')
Do not use an open mic and speakers, it produces a bad echo.
Mute your mic when not speaking.

Via Phone:
Room Number: 8693800
United States +1 (201) 793-9022
Canada +1 (201) 793-9022
Austria +43 (0) 82040115470
Belgium +32 (0) 7 0357134
France +33 (0) 826109071
Germany +49 01805009527
Ireland +353 (0) 818270968
Italy +39 848390177
Spain +34 (9) 02885791
Switzerland +41 (0) 8 48560397
United Kingdom +44 (0) 8454018081
Mute your phone when not speaking. You may use *2 to mute/unmute if
your phone does not have such a feature.


[1]
http://www.timeanddate.com/worldclock/fixedtime.html?month=4&day=7&year=2011&hour=16&min=0&sec=0&p1=0
--
Chad La Joie
http://itumi.biz
trusted identities, delivered

Tom Zeller

unread,
Apr 7, 2011, 9:07:07 AM4/7/11
to shibbol...@internet2.edu, group...@internet2.edu, fife...@lists.jasig.org, mace-p...@internet2.edu
>  - AOB

[massive cross-posting]

Per last shib-dev call, I was supposed to write up thoughts regarding
an ldap interface to the attribute resolver.

Given a reasonably simple, generic, and implementable search api
across a variety of sources, e.g. idp - attribute resolver - ldap and
rdbms data connectors, is a search enabled idp realistic ? (where
"idp" means an attribute resolver accessible over saml, maybe ldap,
maybe maybe spml)

A search enabled "idp" could be a source to grouper for subjects
(members), enabling federated groups. With an ldap interface, a
searchable federation of "idp"s might enable a virtual federated
directory, directly or through provisioning.

A recent thread (Gary Cole @ Oracle) on the oasis pstc explores
simplifying search. In general : "search name1 == value and name2 !=
value2 and name3 starts_with foo" might comprise reasonably
implementable search functionality.

I can imagine a potential collaboration between the sstc and pstc, as
well as a joint conversation between grouper and shibboleth (and
fifer-api ?). And then there's access management (paccman) ...

I have included a link to the Directory of Directories for Higher
Education (DoDHE) project, circa 2001, which I hope will point a way
to a federated ldap dit (directory information tree) including groups
and privileges, whether using referrals or otherwise.

TomZ

[1] https://wiki.shibboleth.net/confluence/display/DEV/DCN20110324

[2] http://lists.oasis-open.org/archives/provision/201104/msg00006.html

[3] http://middleware.internet2.edu/dodhe/ppt-html/DoDHE-Parts/DoDHE-Parts_files/v3_document.htm

Chad La Joie

unread,
Apr 7, 2011, 10:38:44 AM4/7/11
to shibbol...@internet2.edu
And just a reminder (and to compensate for any time zone conversion
mistakes), this meeting is in about 1.5 hours.

Chad La Joie

unread,
Apr 8, 2011, 9:20:42 AM4/8/11
to shibbol...@internet2.edu
Meeting notes are now online:
https://wiki.shibboleth.net/confluence/display/DEV/DCN20110407

On 3/31/11 8:49 PM, Chad La Joie wrote:

Reply all
Reply to author
Forward
0 new messages