Shayna was away - thank you to Ivan and to Enrique for making notes at the meeting. Attendees: Ivan, Mikael, Enrique 0 - Agenda bash 1 - Project review a. General - b. OIDC libraries - https://github.com/IdentityPython (idpy-oidc, JWTConnect-Python-CryptoJWT, etc) c. Satosa - https://github.com/IdentityPython/SATOSA - new release: v8.5.1 <https://github.com/IdentityPython/SATOSA/releases/tag/v8.5.1> that updates the plugin for the LDAP attribute store with new capabilities. d. pySAML2 - https://github.com/IdentityPython/pysaml2 - There are two new pysaml2 releases: - v7.5.1 <https://github.com/IdentityPython/pysaml2/releases/tag/v7.5.1> - update the dependencies, especially to avoid issues with the pyOpenSSL library. - there is ongoing work to remove the dependency altogether: #879 <https://github.com/IdentityPython/pysaml2/issues/879>, PR 977 <https://github.com/IdentityPython/pysaml2/pull/977> - v7.5.2 <https://github.com/IdentityPython/pysaml2/releases/tag/v7.5.2> - update the supported XML Encryption schemas to include v1.1 - There are ongoing discussions about compatibility with Python3.13. The relevant issue is #976 <https://github.com/IdentityPython/pysaml2/issues/976> and *PR 978* <https://github.com/IdentityPython/pysaml2/pull/978> e. Any other project (pyFF, djangosaml2, pyMDOC-CBOR, etc) - PyFF: - discussed the issue with Microsoft using a non-absolute URI as the entityID. The relevant issue is #291 <https://github.com/IdentityPython/pyFF/issues/291>. - The general consensus is that we need to support this for now but probably emit a warning about this issue. - Another issue that came up is support for older versions. The relevant issue is #290 <https://github.com/IdentityPython/pyFF/issues/290>. - Mikael proposed that we provide the user what they need (as this is rather easy) but make a note that older versions are not officially supported and it is at the discretion of the users to make use of such versions. - The last thing we discussed was the issue with duplicate entities. The relevant issue is #289 <https://github.com/IdentityPython/pyFF/issues/289>. - Enrique had posted on the mailing list about the PoC he started with commit 0fb326d60 <https://github.com/enriquepablo/pyFF/commit/0fb326d6043c1a3c6c2bb9a431cf4a98e600270f> . - The current changes introduce a new structure. All other pipelines will need to change to make use of the new structure. We agreed that further discussion and ideas about how to handle such duplicate cases is needed. Maybe we can add configuration options to control how to merge duplicate entities (probably complex), or try to encode two different behaviours (probably won't cover all cases). - There is more discussion on this topic which can be found in Enrique Arnaud's message to the discussion list which immediately precedes these meeting notes. 2 - AOB