X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=README;h=885e06e6ca581af8405631cf42333e2d9ae8547e;hb=refs%2Fheads%2Fprod-debugging;hp=8a084e4cc1dbdce375f4ce208ea8e7acb0d57d68;hpb=986a4cf98d1b8dbadbeb1eb707f163ab08858e32;p=trust_router.git diff --git a/README b/README index 8a084e4..885e06e 100644 --- a/README +++ b/README @@ -2,7 +2,7 @@ Eventually this document may go away or hold README information for the trust router. Right now, it serves as a to-do list for work that needs to be done on the trust router code before various releases: -TO-DO FOR BETA RELEASE (originally due Jan 2013) +TO-DO FOR BETA RELEASE (May 2013) ====================== DONE - GSS connection API (based on MIT example code) DONE - DH implementation and test code (based on openssl) 
@@ -13,31 +13,42 @@ DONE - Eliminate bulk of info/debug messages (mostly from GSS code) DONE - Generate a real random number for DH (in common/tr_dh.c) DONE - Read TR portal/manual config from files at start-up (non-dynamic) DONE - Look-up code to find correct AAA Server for a Comm/Realm -IN PROGRESS - TR TID request & response handlers -- Check gss_name on incoming TID request in TR (in TIDS, too?) +DONE - TR TID request & response handlers +DONE - TIDS integration with freeradius server +DONE - TIDC integration with freeradius proxy +DONE - Map a COI to an APC in TR (incl config & lookup code) +DONE - Resolve TBDs for error handling and deallocation + +TO-DO FOR FULL PILOT VERSION (by July 1, 2013) +============================ - Check rp_realm COI membership in TR - Check idp_realm APC membership in TR -- Map a COI to an APC in TR (incl config & lookup code) -IN PROGRESS - TIDS integration with freeradius server (Sam) -IN PROGRESS - TIDC integration with freeradius proxy (incl default comm config) +- Add key confirmation to TID protocol +- Check gss_name on incoming TID request in TR (in TIDS, too?) +- Add Request ID to TID messages (req'd for mult simultaneous reqs) +- Fix issue with how DH params are handled in the TR (API clean-up) - Handle per-request community configuration in AAA proxy -- Resolve TBDs for error handling and memory deallocation - -TO-DO FOR FULL PILOT VERSION (~2 months after beta release) -============================ -- Move to better tasking model for TR (needed for dyn cfg and TR protocol) -- Dynamically re-read TR configuration file at runtime -- Keep single connection open between AAA proxy & TR for TID requests -- Normalize/configure logging for info msgs, warnings and errors (log4c) +- Normalize/configure logging for info, warnings and errors (log4c) - Clean-up gsscon API and messages +- Add accessors for all externally accessible data structures, etc. 
+- Formalize API for integration with RADIUS servers +- Figure out what to do about commented-out checks in gsscon_passive.c - Handle IPv6 addresses in TID req/resp (use getaddrinfo()) - Implement rp_permitted filters (incl. general filtering mechanism) - Add constraints to TID req in TR, store and use them in AAA Server - Use valgrind to check for memory leaks, other issues +- Resolve remaining TBDs - Full functional testing -TO-DO FOR PRODUCTION VERSION (August 2013) +TO-DO FOR PRODUCTION VERSION (expected in August 2013) ============================ +- Keep single connection open between AAA proxy & TR for TID requests +- Handle multiple simultaneous TID requests in AAA proxy +- Move to better tasking model for TR (for dyn cfg and TR protocol) +- Dynamically re-read TR configuration file at runtime - Multiple Trust Router support including implementation of TR protocol +- Add TR support for multiple non-shared AAA servers in an IDP +- More fully integrate TIDS with AAA Server? (Tradeoffs?) - Consider standard encoding of DH info (from jose WG) - Algorithm agility in TID protocol? +- Handle more than one APC per COI? (How would this work?) \ No newline at end of file
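
Review bot: In the first hunk (@@ -2,7 +2,7 @@), the new heading "TO-DO FOR BETA RELEASE (May 2013)" no longer says what the date means. The old text said "originally due", and the other headings in this patch say "by July 1, 2013" and "expected in August 2013". Suggest wording it the same way, for example "(released May 2013)" or "(due May 2013)", whichever is accurate. If every beta item is now DONE, as the visible ones are, consider renaming the section so it no longer reads as a to-do list.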
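
Review bot: In the second hunk (@@ -13,31 +13,42 @@), "Check gss_name on incoming TID request in TR (in TIDS, too?)" moves from the beta list to the pilot list while "TR TID request & response handlers" is marked DONE. The README therefore reads as if the handlers are complete, although the gss_name check and the rp_realm COI and idp_realm APC membership checks are all still open. Suggest qualifying the DONE line, for example "DONE - TR TID request & response handlers (without gss_name, COI or APC checks)", so a reader of the beta list can tell these checks are not yet in place. Two smaller points: "Resolve TBDs for error handling and deallocation" is marked DONE while "Resolve remaining TBDs" is added under the pilot list, so say which TBDs remain; and "Figure out what to do about commented-out checks in gsscon_passive.c" should name the checks. The new file also ends without a trailing newline.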