Hey all, I just received this notice from Google about a change that they are making in order for them to comply further with the SAML 2.0 spec. Does this affect the CAS 3.1 Google Apps module?
Thanks, Mark ---------- Forwarded message ---------- From: Mark McCoy <[EMAIL PROTECTED]> Date: Wed, Jul 2, 2008 at 3:08 PM Subject: [Fwd: Action Required: Update needed for my.utsa.edu SSO with Google Apps] To: [EMAIL PROTECTED] -------- Original Message -------- Subject: Action Required: Update needed for my.utsa.edu SSO with Google Apps Date: Wed, 2 Jul 2008 12:56:17 -0700 (PDT) From: Google Apps Support <[EMAIL PROTECTED]><[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Hello administrator of domain my.utsa.edu, Nothing is more important to us than the security of your users' data. We are emailing you because we have detected that your Google Apps single sign-on (SSO) implementation may be vulnerable to a theoretical security hole. We would like to emphasize that we have not received any reports of this vulnerability being exploited. In order to improve the security of Google Apps SSO, we have added a requirement on the data your sign-in application (identity provider) sends. You must update your sign-in application by the end of August 2008. The new requirement is described here: http://code.google.com/apis/apps/faq.html#recipient If your sign-in application is derived from our sample code, please refer to the latest version of the sample code for the changes you'll need to make to your own code. The updates to the sample code are also described in the link above. If your sign-in application was not derived from our sample code, e.g. is a third-party identity provider software, please forward this information to the developers of the identity provider software. Important Notes: - We will begin enforcing this new requirement on your sign-in application by the end of August 2008. - In the meantime, we will continue to accept the current responses from your sign-in application so that your users can continue to sign in to Google Apps. - If you are unable to update your sign-in application by the end of August 2008, please email [EMAIL PROTECTED] - If you are about to deploy Google Apps SSO for new domains, you will need to ensure this new requirement is met for those domains prior to deployment. If you have any questions, please email [EMAIL PROTECTED] Thank you for your consideration. The Google Apps Team -- Mark McCoy OIT Enterprise Services The University of Texas at San Antonio 210-458-5871 -- Mark McCoy Enterprise Services (Unix Group) Office of Information Technology The University of Texas at San Antonio (210) 458-5871
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
