Hi Sean,
Thanks for working on this. I'll see about doing some local build
testing in the next few days.
Thanks,
Brent
On 9/12/23 8:45 AM, Sean Mullan wrote:
Hi Brent,
I have fixed this issue [1] and it will be in the next 2.3.4 and
3.0.3 releases of Santuario. However, if you have a chance to pull
the latest sources and do a local build to see if it addresses your
concerns, that would be great and provide more assurance that it is
working.
Thanks,
Sean
[1] https://issues.apache.org/jira/browse/SANTUARIO-604
On 8/10/23 4:26 PM, Brent Putman wrote:
On 8/10/23 1:15 PM, Sean Mullan wrote:
Yes, sorry I guess I wasn't clear enough. This is a Santuario
issue. I can probably post a PR in the next few days that addresses
this.To me this is the best solution if you want to provide a
solution that works both with BC and the JDK.
Ok, thanks! Yes, I agree that it's the best solution, and should be
transparent to users of the library.
Even if we did add direct support to the JDK for the PSS w/o param
algorithm URIs as defined in RFC 9231, it would initially only be
supported in the next version of JDK (22), and would need
justification, etc in order to be backported to earlier releases.
Yes, and even if it was in 22, it wouldn't help us much
(OpenSAML/Shib) as we baseline only on LTS releases and so the
release of our new 5.0 in the next few weeks will be on 17.
Also for some reason, I thought you were a Santuario Committer, so
sorry if I implied you could do the work. :)
Ah, understood. Yeah, only Scott from our team is currently a
Santuario committer.
--Brent
