| Item
| Description
| Owner
| Estimated Effort
| Status
| Due
|
| Identity Selector Service 0.2
|
|
|
|
|
|
| Identity Selector Service 0.3
|
|
|
|
|
|
| Identity Selector Service futures
|
|
|
|
|
|
| Support multiple "skins" in the ISS UI
|
|
| 4 days
|
|
|
| Support localization in the ISS UI
|
|
| 5 days
|
|
|
| Installer (.DMG?) for Mac OS X
|
|
| 5 days
|
|
|
| Installer (.msi) for Windows
|
|
| 5 days
|
|
|
| Installer (.rpm) for SUSE
|
|
| 2 days
|
|
|
| Support issd protocol over Unix domain sockets
|
|
| 3 days
|
|
|
| Support issd protocol over SSL
|
|
| 3 days
|
|
|
| Stand-alone card manager utility
|
|
| 5 days
|
|
|
| SOAP protocol handler
|
|
| 5 days
|
|
|
| Generate self-asserted cards
|
| Jim Norman and Andy Hodgkinson
| 5 days (3 remaining)
| Most of the issd work is done. Need to provide an xml-rpc verb to allow the UI to create the card. UI needs to provide a form for a user to enter the card data.
|
|
| Embedded STS
| Currently, the ISS directly issues tokens based on claims in self-asserted cards. The correct architecture is for the ISS to talk to an embedded STS.
| Daniel Sanders
| 12 days
|
|
|
| Client/Server session manager
|
|
| 3 days
|
|
|
| Migrate away from libxml2 and xmlsec
|
|
| 6 days
|
|
|
| Generate RSA key pair from the master key in self-asserted card
| Requires implementation of algorithms discussed in the X9.31 specification
| Andy Hodgkinson
| 3 days
|
|
|
| Implement SHA-256 in FTK since some default openssl libraries (i.e., distributed by operating system vendor) don't support SHA-256
|
|
| 3 days
|
|
|
| Utility to build and maintain certificate bundles needed for certificate chain verification
|
|
| 3 days
|
|
|
| Support for EV certificate validation
|
|
| 3 days
|
|
|
| Minimal secret store implementation that either implements basic secret store routines or wraps an available secret store on the platform (such as GNOME keyring, KDE wallet, etc.)
|
|
| 5 days
|
|
|
| New card store provider and provider registry architecture
| The .1 "quick-and-dirty" architecture doesn't address many security and scalability concerns
| Daniel Sanders
| 6 days (1 day remaining)
|
|
|
| Card store backup
|
|
| 4 days
|
|
|
| Ability to use a self-asserted card for authentication
|
|
| 2 days
|
|
|
| X.509 authentication
|
|
| 2 days
|
|
|
| Kerberos authentication
|
|
| 4 days
|
|
|
| Card store restore
|
|
| 6 days
|
|
|
| Firefox (1.5+) plugin / extension for Linux (x86-32)
|
|
| 6 days
|
|
|
| Firefox (1.5+) plugin / extension for Mac (Universal)
|
|
| 4 days
|
|
|
| Firefox (1.5+) plugin / extension for Windows (x86-32)
|
|
| 4 days
|
|
|
| Unit tests for issd and embedded STS
|
|
| 8 days
|
|
|
| Automated build process
|
|
| 6 days
|
|
|
| Add support for Ubuntu (32-bit)
|
|
| 5 days
|
|
|
| Add support for Debian (32-bit)
|
|
| 2 days
|
|
|
| Add support for RedHat (32-bit)
|
|
| 2 days
|
|
|
| SUSE Autobuild package
|
|
| 8 days
|
|
|
| Test against access manager
|
|
| 1 day
|
|
|
| Integration of auditing (using OpenXDAS)
|
|
| 3 days
|
|
|
| Secure "desktop" on Linux
|
|
| 4 days
|
|
|
| Document ISS interfaces (using Doxygen)
|
|
| 4 days
|
|
|
| Document ISS build process
|
|
| 1 day
|
|
|
| Support PIN-protected self-asserted cards
|
|
| 3 days
|
|
|
| Stand-alone utility to generate IdP issued cards
|
|
| 3 days
|
|
|
| Add support for locking card stores so that only on process at a time can update a store
|
|
| 2 days
|
|
|
