DONE - Generate a real random number for DH (in common/tr_dh.c)
DONE - Read TR portal/manual config from files at start-up (non-dynamic)
DONE - Look-up code to find correct AAA Server for a Comm/Realm
-IN PROGRESS - TR TID request & response handlers
-- Check gss_name on incoming TID request in TR (in TIDS, too?)
-- Check rp_realm COI membership in TR
-- Check idp_realm APC membership in TR
-- Map a COI to an APC in TR (incl config & lookup code)
-IN PROGRESS - TIDS integration with freeradius server (Sam)
-IN PROGRESS - TIDC integration with freeradius proxy (incl default comm config)
-- Handle per-request community configuration in AAA proxy
-- Resolve TBDs for error handling and memory deallocation
+DONE - TR TID request & response handlers
+DONE - TIDS integration with freeradius server
+DONE - TIDC integration with freeradius proxy
+DONE - Map a COI to an APC in TR (incl config & lookup code)
+DONE - Resolve TBDs for error handling and deallocation
TO-DO FOR FULL PILOT VERSION (~2 months after beta release)
============================
-- Move to better tasking model for TR (needed for dyn cfg and TR protocol)
-- Dynamically re-read TR configuration file at runtime
+- Check rp_realm COI membership in TR
+- Check idp_realm APC membership in TR
+- Add key confirmation to TID protocol
+- Check gss_name on incoming TID request in TR (in TIDS, too?)
- Keep single connection open between AAA proxy & TR for TID requests
-- Normalize/configure logging for info msgs, warnings and errors (log4c)
+- Add Request ID to TID messages (req'd for mult simultaneous reqs)
+- Handle multiple simultaneous TID requests in AAA proxy
+- Fix issue with how DH params are handled in the TR (API clean-up)
+- Handle per-request community configuration in AAA proxy
+- Add TR support for multiple AAA servers in an IDP
+- Move to better tasking model for TR (for dyn cfg and TR protocol)
+- Dynamically re-read TR configuration file at runtime
+- Normalize/configure logging for info, warnings and errors (log4c)
- Clean-up gsscon API and messages
+- Add accessors for all externally accessible data structures, etc.
+- Formalize API for integration with RADIUS servers
+- More fully integrate TIDS with AAA Server? (Tradeoffs?)
+- Figure out what to do about commented-out checks in gsscon_passive.c
- Handle IPv6 addresses in TID req/resp (use getaddrinfo())
- Implement rp_permitted filters (incl. general filtering mechanism)
+- Add
- Add constraints to TID req in TR, store and use them in AAA Server
- Use valgrind to check for memory leaks, other issues
+- Resolve remaining TBDs
- Full functional testing
TO-DO FOR PRODUCTION VERSION (August 2013)
- Multiple Trust Router support including implementation of TR protocol
- Consider standard encoding of DH info (from jose WG)
- Algorithm agility in TID protocol?
+- Handle more than one APC per COI? (How would this work?)
\ No newline at end of file
projects / trust_router.git / blobdiff