X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=README;h=5785f63a1f63fc34b40bf450eceadef5c5f94288;hb=1f9462a7ab9753929fd9b24043915515f2d77dd2;hp=8a084e4cc1dbdce375f4ce208ea8e7acb0d57d68;hpb=145423fe4bd2bf6cf014f7d5b53b026758ace5d3;p=trust_router.git diff --git a/README b/README index 8a084e4..5785f63 100644 --- a/README +++ b/README @@ -2,7 +2,7 @@ Eventually this document may go away or hold README information for the trust router. Right now, it serves as a to-do list for work that needs to be done on the trust router code before various releases: -TO-DO FOR BETA RELEASE (originally due Jan 2013) +TO-DO FOR BETA RELEASE (May 2013) ====================== DONE - GSS connection API (based on MIT example code) DONE - DH implementation and test code (based on openssl) @@ -13,31 +13,40 @@ DONE - Eliminate bulk of info/debug messages (mostly from GSS code) DONE - Generate a real random number for DH (in common/tr_dh.c) DONE - Read TR portal/manual config from files at start-up (non-dynamic) DONE - Look-up code to find correct AAA Server for a Comm/Realm -IN PROGRESS - TR TID request & response handlers -- Check gss_name on incoming TID request in TR (in TIDS, too?) -- Check rp_realm COI membership in TR -- Check idp_realm APC membership in TR -- Map a COI to an APC in TR (incl config & lookup code) -IN PROGRESS - TIDS integration with freeradius server (Sam) -IN PROGRESS - TIDC integration with freeradius proxy (incl default comm config) -- Handle per-request community configuration in AAA proxy -- Resolve TBDs for error handling and memory deallocation +DONE - TR TID request & response handlers +DONE - TIDS integration with freeradius server +DONE - TIDC integration with freeradius proxy +DONE - Map a COI to an APC in TR (incl config & lookup code) +DONE - Resolve TBDs for error handling and deallocation -TO-DO FOR FULL PILOT VERSION (~2 months after beta release) +TO-DO FOR FULL PILOT VERSION (by July 1, 2013) ============================ -- Move to better tasking model for TR (needed for dyn cfg and TR protocol) -- Dynamically re-read TR configuration file at runtime -- Keep single connection open between AAA proxy & TR for TID requests -- Normalize/configure logging for info msgs, warnings and errors (log4c) +DONE Check rp_realm COI membership in TR +DONE Check idp_realm APC membership in TR +DONE Check gss_name on incoming TID request in TR (in TIDS, too?) +- Add Request ID to TID messages (req'd for mult simultaneous reqs) +- Handle per-request community configuration in AAA proxy +- Normalize/configure logging for info, warnings and errors (log4c) - Clean-up gsscon API and messages +DONE Add accessors for all externally accessible data structures, etc. +DONE Formalize API for integration with RADIUS servers +DONE Figure out what to do about commented-out checks in gsscon_passive.c - Handle IPv6 addresses in TID req/resp (use getaddrinfo()) -- Implement rp_permitted filters (incl. general filtering mechanism) -- Add constraints to TID req in TR, store and use them in AAA Server +DONE Implement rp_permitted filters (incl. general filtering mechanism) +DONE Add constraints to TID req in TR, store and use them in AAA Server - Use valgrind to check for memory leaks, other issues -- Full functional testing +- Resolve remaining TBDs +DONE Full functional testing -TO-DO FOR PRODUCTION VERSION (August 2013) +TO-DO FOR PRODUCTION VERSION (expected in August 2013) ============================ +- Keep single connection open between AAA proxy & TR for TID requests +- Handle multiple simultaneous TID requests in AAA proxy +- Move to better tasking model for TR (for dyn cfg and TR protocol) +- Dynamically re-read TR configuration file at runtime - Multiple Trust Router support including implementation of TR protocol +- Add TR support for multiple non-shared AAA servers in an IDP +- More fully integrate TIDS with AAA Server? (Tradeoffs?) - Consider standard encoding of DH info (from jose WG) - Algorithm agility in TID protocol? +- Handle more than one APC per COI? (How would this work?) \ No newline at end of file