>>>>> "Cantor," == Cantor, Scott <canto...@osu.edu> writes:
Cantor,> On 10/30/17, 4:36 PM, "Pkg-shibboleth-devel on behalf of Cantor,> Sam Hartman" Cantor,> <pkg-shibboleth-devel-bounces+cantor.2=osu....@lists.alioth.debian.org Cantor,> on behalf of hartm...@debian.org> wrote: >> So, in order to have a moonshot-gss-eap that builds against >> openssl 1.1, we'll need to get xmltooling fixed. Cantor,> The version of Shibboleth that supports 1.1 will be out Cantor,> some time next year, and I can't put much of a time frame Cantor,> on it beyond that. I doubt it will be June, but I also Cantor,> doubt it will be January. Nod. I've actually been following this list and am aware of where things stand. Assuming that the SSL maintainers move at the speed they are hoping to move, Shibboleth will be pulled from Debian testing in about a month. My understanding is that the patches already exist, but effort didn't exist within Debian to do a good job of taking those patches ourselves at least the last time this was discussed on the list. Moonshot can technically be built without Shibboleth. That kind of cripples especially the acceptor, but it does build. I'll talk to the moonshot community about whether it would be better for Moonshot to remain out of testing (it got pulled because of an arm64 issue) or whether having a crippled version that works well as a client but not great as a server would be better.