OpenSAML 2.6.0 packaging?

Etienne Dysli-Metref etienne.dysli-metref at
Wed Aug 24 11:03:10 UTC 2016

On 24/08/16 12:04, Ferenc Wágner wrote:
> Actually, I'm done with both, but refrained from uploading OpenSAML
> because I included the InCommon metadata for some tests, and I'm not
> sure about its legal status.  It also bloats the source package big way.
> So I'll rip that out again soon (this week).

I see, perhaps we could build some fake metadata for testing that
wouldn't be as big as InCommon's (though testing a huge file would also
be useful). The first case to cover that springs to my mind would be
metadata signed and validated with PKIX. That's what we use in SWITCHaai
and we had many reports by deployers of failed metadata signature
validation when Ubuntu, then later Debian, shipped an OpenSSL patch that
broke xmltooling < 1.5.6.

> Unfortunately the backport uploads will have to wait until the full
> stack enters testing, though the actual work will be possible to do
> in your git trees (I don't recommend pushing before the packages
> enter unstable at least).

I know I'm not supposed to backport from experimental. ;) However, I can
publish 2.6.0-0 packages in our own SWITCHaai repository that would
later be replaced. I just want to stick as close as possible to Debian's
packaging so the packaging work doesn't have to be done twice.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Pkg-shibboleth-devel mailing list