#duraspace IRC Log


IRC Log for 2012-01-03

Timestamps are in GMT/BST.

[0:20] * bradmc (~bradmc@c-67-165-0-74.hsd1.pa.comcast.net) has joined #duraspace
[0:35] * bradmc (~bradmc@c-67-165-0-74.hsd1.pa.comcast.net) Quit (Quit: bradmc)
[0:36] * bradmc (~bradmc@c-67-165-0-74.hsd1.pa.comcast.net) has joined #duraspace
[6:27] -zelazny.freenode.net- *** Looking up your hostname...
[6:27] -zelazny.freenode.net- *** Checking Ident
[6:27] -zelazny.freenode.net- *** Found your hostname
[6:27] -zelazny.freenode.net- *** No Ident response
[6:27] * DuraLogBot (~PircBot@atlas.duraspace.org) has joined #duraspace
[6:27] * Topic is '[Welcome to DuraSpace - This channel is logged - http://irclogs.duraspace.org/]'
[6:27] * Set by cwilper!ad579d86@gateway/web/freenode/ip. on Fri Oct 22 01:19:41 UTC 2010
[6:27] -zelazny.freenode.net- [freenode-info] channel trolls and no channel staff around to help? please check with freenode support: http://freenode.net/faq.shtml#gettinghelp
[11:24] * bradmc (~bradmc@c-67-165-0-74.hsd1.pa.comcast.net) Quit (Ping timeout: 244 seconds)
[13:08] * mhwood (mwood@mhw.ulib.iupui.edu) has joined #duraspace
[14:31] * EdAtTheAlliance (1809d1a2@gateway/web/freenode/ip. has joined #duraspace
[14:39] * ajs6f (89369bdb@gateway/web/freenode/ip. has joined #duraspace
[14:56] * dlacy (9968a9ab@gateway/web/freenode/ip. has joined #duraspace
[14:58] * dlacy (9968a9ab@gateway/web/freenode/ip. Quit (Client Quit)
[15:00] * barmintor (~benjamin@cpe-72-229-190-215.nyc.res.rr.com) has joined #duraspace
[15:01] * elschlomo (4e2a62d3@gateway/web/freenode/ip. has joined #duraspace
[15:08] * dlacy (9968a9ab@gateway/web/freenode/ip. has joined #duraspace
[15:10] <ajs6f> Hey, Dave!
[15:10] <dlacy> greetings
[15:10] <barmintor> Starting the Fedora Committers' meeting
[15:10] <barmintor> https://wiki.duraspace.org/display/FCREPO/2012-01-03+-+Fedora+Committer+Meeting
[15:11] <barmintor> No actions to review from last week
[15:11] <barmintor> Discussion topic: FESL AuthN Filters
[15:12] <barmintor> Adam, Swithun, et al looking to review and improve the legacy filters
[15:13] <ajs6f> https://jira.duraspace.org/browse/FCREPO-893
[15:14] <barmintor> Code at https://github.com/sprater/fcrepo/commit/ed60df4ba9434897bdeede4120a96e070d22b132
[15:14] <barmintor> Issues that have come up point to Fedora 4 design
[15:15] <barmintor> Plan a fuller report in the (near?) future
[15:15] <ajs6f> Yes, very near.
[15:15] <barmintor> Current FESL AuthN filter is proving difficult to use in proxy contexts
[15:17] <barmintor> Legacy filters operate on BASIC AuthN, and pass around B64 serialization of a Principal (!!)
[15:17] <ajs6f> Actually, the Base64 encoding of the credentials themselves!
[15:18] <barmintor> This is all poorly conceived and should be fixed
[15:19] <barmintor> Adam: Are you interested in moving towards a more Kerberos or Shibb-like model? You mention tokens/tickets.
[15:19] <barmintor> Adam blames Dave for this idea
[15:19] <ajs6f> Dave-- please chime in here! {grin}
[15:20] <barmintor> Frank advocates a REST friendly approach
[15:20] <dlacy> I really don't know where to begin. I'm am not entirely sure how the Kerb and shib models work.
[15:22] * discoveryjonatha (8eb07d27@gateway/web/freenode/ip. has joined #duraspace
[15:22] <barmintor> Adam: How much responsibility does Fedora have for this stuff (shouldn't this be handled by the container? - bja)
[15:22] <ajs6f> Dave-- Frank is pointing out that REST would advocate against using tokens or the like to maintain state on the server.
[15:23] <ajs6f> He's also pointing out that so doing would require Fedora to complexify it's handling of auth information considerably.
[15:23] <barmintor> Frank references a useful recipe for REST-friendly authn from O'Reilley
[15:24] <barmintor> Adam: There is also SOAP and RMI interfaces to consider
[15:24] <elschlomo> there's the proposed system for tokens in a REST envorinment: http://en.wikipedia.org/wiki/Cryptographic_nonce
[15:25] <barmintor> DAve is going to set up a JIRA issue
[15:25] <ajs6f> Dave is going to post a Jira issue for this.
[15:25] <ajs6f> I think we've got a bit of conversation to have before deciding on a course of action.
[15:25] <ajs6f> Has anyone got any immediate ideas for Dave beyond using the funky FeSL action as it exists?
[15:25] <barmintor> It seems like the most important thing to do is start sketching out the requirements, so that we can have a more directed conversation.
[15:26] <barmintor> Frank: Dave may considr using legacy authN as a stopgap
[15:26] <elschlomo> Dave: There's also the legacy auth system which got replaced by FeSL
[15:26] <ajs6f> I agree, Ben.
[15:27] <ajs6f> Can we call this "authentication integration"?
[15:27] <dlacy> WIll do
[15:28] <ajs6f> https://wiki.duraspace.org/display/FEDORA34/Security
[15:28] <ajs6f> That's the documentation for "legacy auth".
[15:29] <ajs6f> One point: the work that I mentioned earlier (Prater/Crowe/Soroka) is _specifically_
[15:30] <ajs6f> to deprecate "legacy auth". So whatever we lose there, we probably ought to make sure FeSL's got 'em.
[15:31] <elschlomo> an o'reilly blog entry about nonces: http://answers.oreilly.com/topic/2180-rest-in-practice-http-security-essentials/
[15:33] <barmintor> Adam's FCREPO 4-ish features: JAAS callbacks for all features can be a drag, especially when interacting with upstream SSO services. Where might those improvements happen? What should be given up to the surrounding system context?
[15:35] <ajs6f> Moving on to other status reports, Steve Bayliss has been moving forward with some Trippi/Mulgara updates.
[15:35] <barmintor> https://jira.duraspace.org/secure/IssueNavigator.jspa?reset=true&jqlQuery=project+%3D+FCREPO+AND+status+%3D+Received+ORDER+BY+created+DESC%2C+updated+DESC%2C+priority+DESC
[15:35] <ajs6f> Ben -- issues?
[15:35] <barmintor> There don't appear to be new issues (Merry Christmas!)
[15:39] * discoveryjonatha (8eb07d27@gateway/web/freenode/ip. Quit (Quit: Page closed)
[15:39] <ajs6f> Okay-- that's a wrap for the committers' call.
[15:39] <ajs6f> Happy new year!
[15:39] * EdAtTheAlliance (1809d1a2@gateway/web/freenode/ip. Quit (Quit: Page closed)
[15:49] * barmintor (~benjamin@cpe-72-229-190-215.nyc.res.rr.com) has left #duraspace
[16:00] * dlacy (9968a9ab@gateway/web/freenode/ip. Quit (Quit: Page closed)
[17:10] * ajs6f (89369bdb@gateway/web/freenode/ip. Quit (Quit: Page closed)
[22:03] * mhwood (mwood@mhw.ulib.iupui.edu) Quit (Remote host closed the connection)

These logs were automatically created by DuraLogBot on irc.freenode.net using the Java IRC LogBot.