I think the highest priority would be to release the CAS Client versions compatible with CAS 4.0 (mod_auth_cas and CAS Client for Java).
Regards, Ganesh On 19 May 2014 20:31, Jérôme LELEU <[email protected]> wrote: > Hi, > > CAS 4.0 has been released and I'm almost done with the tasks on the Jasig > web site. > > So it's time to think about the future (I like to say that ;-). Maybe we > could organize some conf call to talk about the next features we want to > work on? > > At our last AppSec Working Group conf call, we tried to prioritize what we > could expect from a security point of view. > From: > https://wiki.jasig.org/display/CAS/Proposals+to+mitigate+security+risks, > we highlighted: > -- global secure flag to enable HTTP on service / proxy (SEC_2b / SEC_1) > - SEC_4 + SEC_5 > - SEC_7 + SEC_9 > - SEC_10. > > This is of course some starting point for a discussion. > > I'm looking forward to your feedbacks. > > Thanks. > Best regards, > Jérôme > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
