|
I don't know, but at least I was totally unable to write a blog comment at this site (blogger.com):
|
Hello, world! This is (yet again) an attempt to maintain a blog. I haven't properly upgraded my brain to Web 2.0 yet, so bear with me if it remains silent for some time between posts.
Yesterday I had to configure eduroam for a non-technical user.
... [More]
Trying to be as less invasive as I could, I didn't want to install a new supplicant and keep the old one - the Windows built-in supplicant. Looking at the user's face when I explained where to check boxes mandatorily, optionally, and where to never ever click, navigating through the gazillions of sub-menus, I eventually realised: the built-in supplicant is not usable. Period. I'll never advise anyone to use this supplicant and configure it by hand again.
Later in the day, I had him download and install the Intel Pro/Wireless supplicant and provided him with an importable profile. These profiles include CA, all settings about authentication and whatnot - after double-clicking on the profile, he was once prompted for a password and it just worked happily thereafter.
read more [Less]
|
I figured out I had to take a bit more part of the OpenID community to see what's up. First thing I realized was that I was missing something fundamental: a i-name.
So I went out shopping (yes, i-names cost money). Beeing a mac-user I went for the
... [More]
i-broker (I think it is called that) with the roundest edges and most vivid colours: equalsyou.com.
Now =andreas is my new name, and I'll try figure out what I can do with it. I understand I have to understand how URI becomes IRI becomes XRI and are described with XRDS documents exchanged with XDI somehow, and that it solves all possible problems with identities and identifiers. Now, I need to get some sleep. [Less]
|
Sxipper is an awsome and convenient Firefox tool that makes life simpler and at the same time claims to be secure. Great isn't it?
Sxipper claims:
Privacy - Sxipper protects your personal data by keeping it secure on your computer and retrieving it
... [More]
for you when you choose to share it online.
But when you enter Sxipper preference panel, you can click Show password, and whoops only a Yes to a question, and there is all your passwords:
Update: After some more playing around with firefox 3 I figured out that if you set a global master password on FF, Sxipper will use that. That's not too bad. Clever. But what would be even better; if you could use Apple Keychain instead...
Let's double check:
[sxipper2]$ find . | xargs strings | grep encrypted{"id":"[email protected]","version":"1.0","encrypted":true,"format":"json","type":"complete"}{"id":"[email protected]","version":"1.0","encrypted":true,"format":"json","type":"complete"}
read more [Less]
|
I just commited a big update to the dictionary files of simpleSAMLphp. Most importantly we have two new languages: Slovenian and Hungarian. The other languages has a lot of updates too. Thanks for the contributions folks!
As you remember I created
... [More]
this translation portal where people can contribute with translations. What I did now was to create the scripts neccessary to autmatically populate simpleSAMLphp dictionary files from the translation portal database.
Important: Notice that I have changed the language codes of some of the languages. This mean you have to update your config.php file with available languages according to the config.php template. [Less]
|
One of our friend in Netherlands, Hans Zandbelt just contributed WS-Federation support to simpleSAMLphp. We hope for people to test this, and hopefully help maintaining the code in the future. I have no WS-Fed test setup myself, so unfortunately I
... [More]
will not be able to do much help here.
Hans says:
I just checked in some code to support federative connections from simpleSAMLphp SPs to WS-Federation/ADFS IDPs using the Passive Requestor Profile.
Thanks Hans. Hans is working in SURFnet with the SAML 2.0-based SURFfederatie federation. [Less]
|
Today, I open the new Feide RnD SAML Message Example Library. Right now we just added a few examples messages to show how it works, but we plan on collecting SAML messages from all available SAML software packages.
It can be useful to have such a
... [More]
collection of messages on one place, to review the differences of default values etc.
Please send me example messages (request and responses) for the software you have available.
The SAML Message Examples Library [Less]
|
|
And people are continously joining. Are you signed up to the mailinglst? If not, do it now...
|
Stig have just released 1.1-beta. He would generally recommend everyone to
upgrade to this one. If you really need maximum stability and don't
want to help test the new features, you may use 1.0p1 though.
The new features since the alpha release are
... [More]
in short:
attribute filtering
accounting support
and improved certificate matching.
There are of course also a number of bugfixes.
If you are currently running 1.1-alpha, then you should upgrade to
the more stable 1.1-beta. I actually hope that everyone will upgrade
to this one.
[ Downloads, more info etc. ] [Less]
|
Consent administration is a separate application contributed by Wayf.dk, where users can add and withdraw consent granted to send attributes to SAML 2.0 service providers.
We setup a separate User consent page on the simpleSAMLphp homepage. We will
... [More]
add more documentation and information about user consent here.
Kim Oechsle from Wayf.dk is one of the main developers behind the User Consent Administration package.
Today we also checked into trunk updates which allows translation of the consent module user interface into multiple languages.
User consent is about giving users control of their own identity and who's getting access to their personal data. With user consent you put the user in charge.
User consent by 1-2-3.
If you have a simpleSAMLphp IdP up and running, you can enable user consent just by changing one line of config.
read more [Less]
|
