[cas-dev] [Shib-Dev] seeking feedback on Shibboleth 2.2 Roadmap

Scott Battaglia scott.battaglia at gmail.com
Wed Sep 24 12:02:46 EDT 2008 

Shibboleth Team,

Greetings from the CAS team :-).  Thanks to Steven and Scott for letting us
know the Shibboleth 2.2 Roadmap is now available.  We've been interested in
comparing it to our own vision and direction and seeing where and if they
intersect.  It appears, we're interested in tackling a few of items, or at
least both investigating them:

1. OpenId 2 - We've been looking at it as a lightweight method for getting
rid of temporary ids associated with admissions systems, as well as removing
the need to prematurely create NetIds.  Essentially, a student can log into
the Admissions application using something like their AIM Screen Name, and
as long as we track them we can transition them to a NetId later on (if
necessary). This eliminates those temporary admissions ids that everyone
forgets.  We've also been looking at it for more lightweight federation
needs. I.e. we have some systems like Sakai that allow a guest lecturer into
the system to manage the course.

2. OAUth Support - We've been interested in OAuth, or at least something
similar to support the cases where we're deploying desktop applications that
need to authenticate users (i.e. our Cable Management tool).  They can use
LDAP, but then they have access to the user's password.  We've seen some
gaps with OAuth that would need to be patched (i.e. it doesn't look like it
does attributes exchange?, but I may have missed it).

3. N-tier support in SAML - One of the things that we handle in CAS is
proxy/delegation/n-tier, but we don't handle a bunch of the cases that SAML
handles (i.e. we don't pass back attributes), that we'd potentially like to
tackle.  We'd be extremely interested in SAML supporting n-tier (its one of
the things that we'd hoped to discuss at the UnConference, more on that
later)

4. REST vs. SOAP.  We're also seeing a trend towards REST from SOAP (and
we're hoping to add more into CAS). We've designed our architecture such
that we can support any marshalling layer on top, but future profiles
supporting RESTful API seem like a good way to go.

5. InfoCard - Its also something we've been looking at though you guys seem
much further along in your analysis than we are.

For comparisons sake, our Roadmap & Vision are here:
http://www.ja-sig.org/wiki/display/CAS/CAS+Vision+and+Roadmap and our
initial high-level thoughts on what protocol functionality we'd like to see:
http://www.ja-sig.org/wiki/display/CAS/Protocol

The JASIG UnConference is the week of October 6 - 8 + Developer Days of 9 -
10.  At the UnConference we're planning on having some major discussions on
the Vision, Roadmap, and Protocol functionality and we'd like to encourage
any interested Shibboleth developers to join us (either in person, or via
video/tele-conference).  Benn Oshrin and Bill Thompson will also be at
Internet2 the week after for anyone who can't make it to the UnConference
but would be interested in discussing the two roadmaps. I'd also be
interested in seeing continued discussions between the two groups occur
on-list if anyone else thinks that could be beneficial.

-Scott

-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia


On Tue, Sep 23, 2008 at 11:10 AM, <Steven_Carmody at brown.edu> wrote:

> The Shibboleth team has made available its current thinking about the next
> point release of the Shibboleth software. This information is available at:
>
> https://spaces.internet2.edu/display/SHIB2/Shibboleth+2.2+Roadmap
>
> The team is seeking comments and feedback. The first section of the
> document identifies specific functionality, and the priorities currently
> assigned by the team. The second section describes several areas where we
> are seeking community input before possibly beginning any implementation
> effort. Note that there are two sub-pages providing additional detail: one
> on Consent Release of Attributes, and one on Information Card Support.
>
> Please send your comments to the shibboleth-dev AT internet2.edu mailing
> list. Directions for subscribing to this list are available at
> http://shibboleth.internet2.edu/lists.html .
>
> The Shibboleth team would like to thank the community for its
> contributions, comments, and feedback over the years. Please let us know
> what you think of our current plans.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20080924/2d599c66/attachment.html

More information about the cas-dev mailing list