edugain-discuss AT lists.geant.org
Subject: An open discussion list for topics related to the eduGAIN interfederation service.
List archive
- From: Ian Young <ian AT iay.org.uk>
- To: Etienne Dysli Metref <etienne.dysli-metref AT switch.ch>
- Cc: edugain-discuss AT lists.geant.org
- Subject: Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update
- Date: Mon, 25 Nov 2019 13:49:33 +0000
- Feedback-id: 217.155.173.110
On 2019-11-25, at 13:03, Etienne Dysli Metref <etienne.dysli-metref AT switch.ch> wrote:On 25/11/2019 11.39, Ian Young wrote:I'd really prefer not to speculate on a version that old. You should
migrate to the current version (0.9.2) as soon as you can.
Is there any argument speaking for the urgency of such an upgrade?
The MDA hasn't really had security issues as such, but there have been a couple of changes in the java-support bundled with it which have security implications in obscure situations. I wouldn't say that was an urgent reason to upgrade though, except as a matter of principle.
Upgrading now would get you something that you can get support for, and move you past the majority of API changes so that when we finally get to 0.10/1.0, it's probably a much smaller thing.
0.8 and 0.9 also brought in a _ton_ of new features, so you can do a lot more with the current one than you could do in 2013.
I'll have to carefully plan that together with xmlsectool and MDA
configuration upgrades. I broke the SWITCHaai federation once, I'm not
eager to repeat the experience...
Understood. The good thing about most of what the MDA does is that you can just run both versions and compare the output and gain confidence in your upgrade that way.
I found out I could modify that template as was done in [1] to avoid
using this extension:
<xsl:template match="ds:X509Certificate">
<xsl:element name="ds:X509Certificate">
<xsl:text> </xsl:text>
<xsl:value-of select="translate(normalize-space(.),'
','
')"/>
<xsl:text> </xsl:text>
</xsl:element>
</xsl:template>
This has the same effect, except breaking lines at 64 characters, so
I'll go with that.
Seems reasonable.
-- Ian
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, (continued)
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Cantor, Scott, 20-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Nick Roy, 20-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Etienne Dysli Metref, 21-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Ian Young, 20-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Etienne Dysli Metref, 22-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Davide Vaghetti, 22-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Nick Roy, 22-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Ian Young, 25-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Nick Roy, 22-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Ian Young, 25-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Etienne Dysli Metref, 25-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Ian Young, 11/25/2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Etienne Dysli Metref, 25-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Ian Young, 25-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Etienne Dysli Metref, 25-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Davide Vaghetti, 22-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Etienne Dysli Metref, 22-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Davide Vaghetti, 21-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Leif Johansson, 21-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Davide Vaghetti, 21-Nov-2019
- Re: [eduGAIN-discuss] eduGAIN SAML profile and MDS update, Leif Johansson, 21-Nov-2019
Archive powered by MHonArc 2.6.19.