IQSS logo

IRC log for #dvn, 2013-02-13

We've moved! Please join #dataverse instead. The new logs are at http://irclog.iq.harvard.edu/dataverse/today

| Channels | #dvn index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

All times shown according to UTC.

Time S Nick Message
08:24 zodbot joined #dvn
13:51 pdurbin gearing up to talk about shibboleth: http://irclog.perlgeek.de/shibboleth/2013-02-13#i_6447050
14:23 pdurbin "What about apache+mod_shib+ajp as a solution for integrating Shibboleth with a Glassfish application? This was suggested to me at http://irclog.perlgeek.de/shibboleth/2013-02-13#i_6447092 Alternatives I'm considering are http://openam.forgerock.org (formerly http://en.wikipedia.org/wiki/OpenSSO ) or something along the lines of http://code.google.com/p/websso/ which uses http://www.opensaml.org "
14:24 pdurbin I just posted that. It *should* appear at http://weblogs.java.net/blog/amyroh/archive/2012/02/15/running-glassfish-312-apache-http-server#comment-827367 after it's approved
14:41 pdurbin oh good. it looks like it got approved
14:49 pdurbin another vote for OpenAM: http://twitter.com/jm2dev/status/301702827431059458
15:16 pdurbin I sent a reminder about today's IRC meeting about Shibboleth. The agenda is here: https://groups.google.com/d/topic/dataverse-community/_v77HGj4wPk/discussion
15:17 pdurbin - summarizing how authentication works in a Dataverse Network today
15:17 pdurbin - reaching a common understanding of what Shibboleth is
15:17 pdurbin - roughing out a plan for how to integrate Shibboleth into the DVN
15:18 pdurbin - discussing implications of Shibboleth integration
15:47 mcowen joined #dvn
15:56 pdurbin2 joined #dvn
15:56 pdurbin2 this is a test from adium: http://adium.im
16:02 bobtreacy joined #dvn
16:11 pdurbin bobtreacy: welcome! :)
16:24 pdurbin mcowen: the gang's all here
18:06 pdurbin someone in #glassfish mentioned there's a Glassfish "community" on Google+, so I asked for shibboleth itegration suggestions there: https://plus.google.com/107770072576338242009/posts/X7dVmrXaBu2
18:29 matt1337357 joined #dvn
18:50 matt1337357 joined #dvn
18:51 gdurand joined #dvn
18:53 mcowen joined #dvn
18:59 Jon__ joined #dvn
19:00 Jon__ hello
19:00 pdurbin Jon__: hi! welcome
19:01 Jon__ I am not sure how you planned for this to go or what you want to accomplish?
19:01 pdurbin well, i have an agenda
19:01 pdurbin you'll see :)
19:01 pdurbin i even have a meeting bot: zodbot :)
19:02 pdurbin we'll see how this goes :)
19:02 pdurbin #startmeeting
19:02 zodbot Meeting started Wed Feb 13 19:01:38 2013 UTC.  The chair is pdurbin. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:02 zodbot Useful Commands: #action #agreed #halp #info #idea #link #topic.
19:02 pdurbin #topic intro
19:03 pdurbin hello and welcome! I've called this meeting to talk about integrating Shibboleth into the Dataverse Network (DVN)
19:03 marlena joined #dvn
19:04 pdurbin my web page is http://www.iq.harvard.edu/people/philip-durbin and i own the ticket we're using to track the integration: https://redmine.hmdc.harvard.edu/issues/2657
19:04 pdurbin here's the agenda:
19:04 pdurbin - summarizing how authentication works in a Dataverse Network today
19:05 pdurbin - reaching a common understanding of what Shibboleth is
19:05 pdurbin - roughing out a plan for how to integrate Shibboleth into the DVN
19:05 pdurbin - discussing implications of Shibboleth integration
19:05 pdurbin everyone should feel free to jump in at any time
19:06 pdurbin you're welcome to link to a page about yourself or otherwise say who you are like I did above :)
19:06 pdurbin #topic summarizing how authentication works in a Dataverse Network today
19:06 pdurbin let's use https://dvn-demo.iq.harvard.edu/dvn/ as an example. It's running DVN 3.3
19:07 pdurbin there are two links at the top right: "Create Account" and "Log In"
19:07 pdurbin "Create Account" takes you to pretty standard form asking for a username, password, email, etc.
19:07 pdurbin after filling out the form you're logged in
19:07 pdurbin you can create a dataverse, create studies, upload files, etc.
19:08 mheppler joined #dvn
19:08 pdurbin the user account you created is stored locally, in a PostgreSQL database
19:08 pdurbin all in all, i think it's a pretty standard way for a webapp to behave
19:09 pdurbin if there are any questions or comments about this, please go ahead
19:09 pdurbin I *could* go into how at least for the DVN at https://dvn.iq.harvard.edu/dvn/ we have the concept of being a Harvard Affiliate...
19:10 pdurbin which is based on IP addresses or logging in through what we at Harvard call "PIN auth"
19:10 watcher joined #dvn
19:11 pdurbin ... but I think I'll go ahead and talk some more about Shibboleth :)
19:11 pdurbin #topic reaching a common understanding of what Shibboleth is
19:12 pdurbin according to http://shibboleth.net "Shibboleth is an open-source project that provides Single Sign-On capabilities and allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner"
19:12 pdurbin http://shibboleth.net/about/basic.html has more about the main "actors" in Shibboleth. I want to focus on the Identity Provider (IdP) vs. the Service Provider (SP)
19:12 pdurbin the Identity Provider (IdP) authenticates the user. http://idp.testshib.org is an example IdP. It stores all the usernames and passwords (and other info like email address, etc.)
19:13 pdurbin Jon__: as I understand it http://its.unc.edu/service-catalog/shibboleth/ describes the IdP that Odum would use
19:13 pdurbin here's the official write up of what an IdP is: http://shibboleth.net/products/identity-provider.html
19:13 pdurbin a Service Provider (SP) registers with an IdP to... provide a service
19:14 pdurbin the official write up is at http://shibboleth.net/products/service-provider.html but I'd like to move on to a real-world example I cooked up
19:14 pdurbin I've taken a server called "dvn-vm2" and have made it a Service Provider (SP). The service it's providing is access to a protected area Shibboleth people call a "resource"
19:14 pdurbin Let's say we've licensed STATA and want to let students download it after they've logged in to Shibboleth.
19:15 pdurbin Back to the server... I've registered it as a Service Provider (SP) with with the Identity Provider (IdP) from testshib.org
19:15 pdurbin If you click https://dvn-vm2.hmdc.harvard.edu/secure/ you should be redirected to a login page at https://idp.testshib.org/idp/Authn/UserPassword
19:15 pdurbin you can go ahead and try it :)
19:16 pdurbin you should see some usernames and passwords listed... such as myself/myself or alterego/alterego
19:16 pdurbin After login you should be taken back to https://dvn-vm2.hmdc.harvard.edu/secure/ and see "Secure area"
19:17 pdurbin let me pause for a minute and ask if anyone here is able to successfully log in to https://dvn-vm2.hmdc.harvard.edu/secure/ ?
19:17 sbmarks yep!
19:17 pdurbin sbmarks: awesome. thanks
19:18 pdurbin so you get a sense of what's happening :)
19:18 pdurbin https://github.com/dvn/shibpoc contains all the configuration for how I set up dvn-vm2
19:18 pdurbin If you jump down to https://github.com/dvn/shibpoc#http-headers-from-login-test you'll see the various URLs your browser hits as you log in ... idp/profile/SAML2/Redirect/SSO?SAMLRequest... /idp/AuthnEngine ... /idp/Authn/UserPassword ... /idp/profile/SAML2/Redirect/SSO ... /Shibboleth.sso/SAML2/POST etc.
19:18 pdurbin marlena: i'm sure you understand all those URLs better than i do :)
19:19 pdurbin so the thing we're protecting is /secure
19:19 pdurbin and everything underneath it
19:20 pdurbin on disk /secure is /var/www/html/secure
19:20 pdurbin and you can imagine goodies in there like /var/www/html/secure/STATA-installer.exe
19:20 pdurbin licensed software, that is, that we want to protect from the public
19:21 pdurbin we only want students to download it. after they have authenticated via Shibboleth, via our IdP
19:22 pdurbin again, I've registered the the Service Provider (that dvn-vm2 server) with a specific IdP at testshib.org
19:23 pdurbin I think of this as the "hello world" of Shibboleth... it's a pretty basic use case really... trying to protect some files from being downloaded by the public
19:23 pdurbin does this make sense to people?
19:23 sbmarks yup. makes sense!
19:23 pdurbin sbmarks: cool
19:23 pdurbin anyone else out there? :)
19:24 marlena Sure it makes sense -- but shibb is ignorant of what you are trying to protect.
19:24 bobtreacy I'm lurking
19:24 gdurand same here
19:24 pdurbin heh
19:24 pdurbin marlena: well.. i was wondering that too
19:24 marlena By the time you are ready to make an authorization decisions -- for downloading files or whatever, shibb should be out of the picture.
19:24 pdurbin how does shibboleth know that it's supposed to protect /secure and not some other area
19:25 marlena That has to do with your httpd configuration.
19:25 pdurbin i actually created http://dvn-vm2.hmdc.harvard.edu/open/ to say "Wide open area" and it *doesn't* require any shibboleth auth
19:25 pdurbin marlena: yes! exactly
19:26 pdurbin there is an Apache config file that ships with the shibboleth RPM: /etc/httpd/conf.d/shib.conf
19:27 pdurbin it has standard apache stanzas... looks like this: <Location /secure> AuthType shibboleth ... </Location>
19:27 pdurbin i put the whole stanza at https://github.com/dvn/shibpoc
19:29 pdurbin #info https://dvn-vm2.hmdc.harvard.edu/secure/ example show protecting files from download
19:29 pdurbin #topic roughing out a plan for how to integrate Shibboleth into the DVN
19:30 pdurbin Unlike the "hello world" dvn-vm2 example above with a "secure" area for software downloads, DVN is a full Java EE web application (running on Glassfish)... the identity of users is fundamental to DVN's operation
19:30 pdurbin I think we can all agree on this :)
19:30 sbmarks seems fair
19:31 pdurbin every dataverse network has users. users create dataverses. and permissions are granted on studies within those dataverses
19:31 pdurbin each dataverse is kind of a world of access control :)
19:31 pdurbin i mean, some people choose to have everything public
19:32 pdurbin but many users restrict access to their studies and data to certain other users
19:33 pdurbin also, the dvn-vm2 example was all or nothing... either you have access to that /secure area or you don't
19:33 marlena That's not strictly correct.
19:33 pdurbin with the DVN your view of a page might be different depending on whether you're logged in or not
19:33 pdurbin marlena: no?
19:34 marlena Any time a user does a GET you the app get to do an authorzation decision  -- presumably based on a cookie you've sent (after you've gotten attributes via the Shibb authentication step).
19:35 pdurbin hmm, ok. sounds good. i don't feel like i'm making any decisions in my hello world dvn-vm2 example though. but i guess i could somehow
19:36 marlena If you haven't set a cookie or the cookie is expired you can redirect the user to a shibb-protected url -- and then get attributes for them.
19:36 marlena That's one way of doing things any way  :-).
19:36 pdurbin :)
19:36 pdurbin ok
19:36 marlena It's actually a fairly typical way AFAIK.
19:37 pdurbin well, the point i'm driving at is that auth is fundamental to the DVN so the integration with shibboleth needs to be complete... it needs to be deep
19:38 marlena Yes to "complete."
19:38 pdurbin and we need to make sure the shibboleth integration is a toggle switch... most DVN installations don't have a local Shibboleth Identity Provider (IdP) to point at
19:39 marlena I think the idea of "local idp" is a bit off-base.
19:39 pdurbin is it?
19:39 marlena The whole point is that the user logs in at their home (remote) institution.
19:39 marlena At least that was the original point :-).
19:39 pdurbin ok, let's same "home institution" :)
19:40 pdurbin whoops. let's say "home institution" :)
19:40 pdurbin anyway, at the end of the day we need to code this up in Java somehow and right now I'm seeing three different approaches we could take
19:40 pdurbin three different directions
19:41 pdurbin and maybe we'll try a couple and see which works best
19:41 pdurbin let's call the first option "fronting Glassfish with Apache"
19:41 marlena Here's one way: When the user hits your authentication page, they can pick "local login" if they want to use their existing dataverse name/pwd or the pick from a list of IdPs that the Dataverse talks to.
19:42 sbmarks one thing we want to flag for now or later: we are a consortium and would have to rely on multiple IdPs
19:42 sbmarks ah k
19:42 sbmarks a wayf page
19:43 sbmarks (i have expert help sitting next to me)
19:43 marlena In essence -- except that it also allows local login.
19:43 bobtreacy Does anybody know, is there something shib provides that is different from other SAML implementations?
19:43 sbmarks cool
19:43 marlena What the shibb code provides that SAML doesn't is...
19:44 marlena ....a fairly rich set of attribute acquistion and mapping facilities both on the IdP and SP side.
19:45 marlena This let's the IdP send attributes other than "name" -- and lets the SP (via configuration) change the attributes it gets into something your app knows how to consume.
19:47 marlena Phil: please resume your set of approaches.  Sorry about the interrupt :-).
19:47 pdurbin gdurand: at a meeting the other week we talked a bit about local logins vs. login via an IdP... I feel like we were thinking that if a DVN installation moved to IdP logins that they would no longer be able to use local login
19:48 pdurbin sbmarks: or multiple IdPs
19:48 marlena If you let the user pick "local loging" or their home institution (assuing it's in a list of IdPs you support), then you can do both.
19:49 pdurbin right but it's a design decision
19:49 marlena If you have user's who are at institutions that don't have IdPs, aren't you kind of pushed into doing support for both types of login?  (Just sayin' :-).)
19:50 pdurbin well, yes, but not necessarily at the same time, if that makes sense
19:50 pdurbin I left a note to myself to pick up this thread about local logins later
19:50 marlena Don't get me wrong: some apps force Shibb/SAML authentication and don't have the notion of local login (even if they did in the past).
19:50 sbmarks amaz says: you're absolutely right. It comes down to what you'd like to support. You currently have local users... you want to support idP logins... you may want to support linking an existing account to a shib account...
19:51 marlena Exactly.
19:51 pdurbin sbmarks: yes, exactly. we were thinking about a link
19:51 pdurbin all DVN installations now have local accounts only
19:51 sbmarks excellent
19:51 gdurand I think they would still need local login. For example are DVN. If we allow authentication for Harvard folks via IDP, we still want all other current uers to be able to log in.
19:51 pdurbin yes
19:52 gdurand It's just that if they had created the account via IDP, then they would not have a way to login locally (no stored password).
19:52 marlena When I talked to Merce & Phil & Gustavo a few weeks ago, we talked about linking the Shib-provided identity to a IQVerse-held identity -- so that they wouldn't have to muck with there authorization system.
19:52 marlena Why would they need to login locally?
19:53 pdurbin marlena: social scientists anywhere in the world are welcome to create accounts at https://dvn.iq.harvard.edu/dvn/ and start uploading data
19:54 marlena Well, you encourage them to create their account via authN via shibb, instead of getting a new name/pwd.
19:54 gdurand In our DVN, for example, we allow anyone to create an account. So some people are Harvard affiliates and could use their Harvard credentials, but others are from anywhere else and still need the ability to create accounts. log in, etc.
19:54 pdurbin so in the future, if Harvard has an IdP we can point that DVN installation at... we would need to support login via IdP and local logins for non-Harvard people
19:55 marlena Um, what about users who have IdPs at their non-Harvard institutions?
19:55 sbmarks marlena: if an SP (who is a consortia) wants to provide access to students across their consortia, but not all consortia members have idPs.?
19:55 sbmarks you would perhaps provide a "WAYF" page
19:55 marlena Then they allow local logins and Shib-enabled authentication.
19:56 marlena Yes, via a WAYF-type page. "Where Are You From"
19:56 pdurbin marlena: thanks. not everyone knows what WAYF means, i'm sure
19:56 marlena An alternate is to have the user get an account at "protect net" -- which serves as an IdP.
19:57 sbmarks amaz says: my bad!
19:57 marlena I had to do this so I could authenticate to an InCommon site (because Harvard's IdP (which I'm standing up) isn't yet ready).
19:58 marlena I think this is not a bad way to go -- and is worth exploring  i.e. have users get a protect net account instead of a local account.
19:58 pdurbin marlena: so you seem to be saying that if a DVN installation chooses to use an IdP, we shouldn't allow local logins at all. that people who don't have an account with the home institution IdP should still log in via *some* IdP such as http://www.protectnetwork.org
19:59 marlena No. No. No.
19:59 pdurbin ok :)
19:59 marlena I'm not saying that..
19:59 marlena I'm providing a set of possibilities.
19:59 pdurbin ok. well i think well need to support both local logins and login via an IdP for some DVN installations
19:59 marlena I think it's fine to provide local accounts if you want to continue to do that.   And it might be fine to ask users to get an protect net account instead.
20:00 pdurbin i don't think protect net accounts are free
20:00 marlena I didn't pay.
20:00 pdurbin hmm, ok
20:00 marlena Like I said, "worth exploring" :-).
20:00 pdurbin anyway, i'd like to get back to java
20:00 pdurbin and possible directions
20:00 pdurbin bobtreacy: and your question :)
20:01 pdurbin so the first option is "fronting Glassfish with Apache"
20:01 pdurbin This write up says nothing about mod_shib, but it's probably the best resource about fronting glassfish with Apache: http://weblogs.java.net/blog/amyroh/archive/2012/02/15/running-glassfish-312-apache-http-server
20:02 pdurbin Some people call this "apache+mod_shib+ajp": http://irclog.perlgeek.de/shibboleth/2013-02-12#i_6444686
20:03 pdurbin bobtreacy: as you and i were discussing, however, this introduces a dependency on apache
20:03 pdurbin right now people don't need apache to run DVN. just glassfish
20:03 pdurbin #info option 1: fronting Glassfish with Apache
20:03 pdurbin Another option is OpenAM: http://openam.forgerock.org
20:04 pdurbin OpenAM is the continuation of a (defunct) Sun project called OpenSSO: http://en.wikipedia.org/wiki/OpenSSO
20:04 bobtreacy Marlena answered it to some extent, although I'd like to understand more what we'd lose with say OpenAM, since that shib guy you were talking to suggested using other SAML implementations, for instance on JBoss and as you say we have discussed using this on glassfish
20:04 pdurbin #info option 2: OpenAM
20:05 pdurbin bobtreacy: can you describe your experience with OpenAM?
20:05 marlena I have to pay attention to another conf call....
20:05 marlena I'll try to multiplex :-).
20:07 pdurbin (this guy votes for OpenAM by the way: https://twitter.com/jm2dev/status/301702827431059458 ... he was testing with TestShib )
20:07 pdurbin (as he wrote about here: http://lists.forgerock.org/pipermail/openam/2012-June/006831.html )
20:08 pdurbin I'm going to go on about the third and last possible direction: writing our our Service Provider (SP)
20:08 pdurbin Shibboleth uses a protocol called SAML: http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language
20:09 pdurbin In this scenario, we would handle the SAML transactions ourselves
20:09 bobtreacy I've gone through setting up OpenAM on glassfish a while ago when we were thinking about SSO
20:09 pdurbin bobtreacy: ok
20:09 pdurbin This was first suggested to me in #glassfish: http://www.evanchooly.com/logs/%23glassfish/2013-02-07
20:09 marlena Phil: Don't forget the attribute transmogrifications.
20:09 pdurbin The guy mentioned some sample code at http://code.google.com/p/websso/
20:09 pdurbin Today in ##shibboleth someone says they wrote their own for node.js: http://irclog.perlgeek.de/shibboleth/2013-02-13#i_6447136
20:10 pdurbin In both cases (glassfish and node.js) the underlying library used is OpenSAML: http://opensaml.org
20:10 pdurbin #info option 3: write our own Service Provider (SP) with OpenSAML
20:10 pdurbin so those are the three options I see: 1. fronting glassfish with apache, 2. OpenAM 3. using OpenSAML and handling the SAML back and forth ourselves
20:12 pdurbin rather than trying to get any of these 3 options right into the DVN, I thought a better approach would be to add them to this simple template app: https://github.com/IQSS/iqss-javaee-template
20:12 bobtreacy Is marlena's shib going to be available to use, rather than setting up our own apache?
20:12 pdurbin which i've deployed publicly to http://dvn-vm2.hmdc.harvard.edu:8080/hello1/ so i can hopefully register it with the IdP at https://www.testshib.org
20:13 pdurbin bobtreacy: i don't know. https://www.testshib.org is out there. i *think* we can test with that
20:14 pdurbin there are also IdP VMs we can download and test with maybe: http://irclog.perlgeek.de/shibboleth/2013-02-12#i_6444019
20:15 pdurbin and http://simplesamlphp.org might be a suitable IdP we could stand up ourselves for testing: http://irclog.perlgeek.de/shibboleth/2013-02-12#i_6444004
20:15 pdurbin I'm sure we can only go so far with https://www.testshib.org since we have no control over it, but it's not a bad place to start, I think
20:16 pdurbin marlena: any word on if we can test with your IdP?
20:16 marlena Not before a month.
20:17 pdurbin marlena: ok. no problem. we'll use testshib for now. thanks
20:17 marlena We could do quick tests before then.
20:17 pdurbin ok
20:17 marlena I.e. you and I would need to coordinate to make sure the IdP is up.
20:17 pdurbin right. makes sense
20:19 pdurbin so unless there are any objections, the next step I'll take is starting to add some basic auth to https://github.com/IQSS/iqss-javaee-template and once that's up, switch it over to OpenAM
20:19 pdurbin i plan to look at  http://jsfcompref.com (JavaServer Faces 2.0: The Complete Reference) for guidance on coding up some basic auth (or sample code we have in house)
20:20 bobtreacy btw, looking at http://shibboleth.net/products/identity-provider.html it says supported container Tomcat 6 - glassfish web-tier is tomcat
20:20 pdurbin bobtreacy: are you thinking we should run our own IdP?
20:20 pdurbin the DVN team, I mean, for testing?
20:22 marlena Question: What would your own IdP give you that testshib doesn't?  (I haven't looked into testshib.)
20:22 gdurand it seems to start we can try to use what's out there - first testshib, then Marlen'as
20:22 bobtreacy ok
20:23 pdurbin #agreed use testshib.org first, then Harvard's test IdP when available
20:23 marlena If you want to set up your own IdP, feel free -- I'm just wondering what's the bang for the buck.  (It might be significant.)
20:23 pdurbin marlena: our own (or your) IdP would give us control
20:23 marlena Over what?
20:24 pdurbin i assume that when installers of the DVN go to turn on shib auth they'll need to coordinate with their home institutions IdP provider
20:24 marlena Um, not more than they'd coordinate with any IdP they want to deal with.
20:25 pdurbin hopefully we can get pretty far with a public resource like testshib.org
20:25 pdurbin #action pdurbin to add basic, non-shib auth to iqss-javaee-template and later OpenAM for testing with testshib.org
20:25 pdurbin any more action items for this topic? next up is "discussing implications of Shibboleth integration"
20:26 pdurbin (which we've kind of discussed already)
20:27 pdurbin #topic discussing implications of Shibboleth integration
20:27 pdurbin #idea make sure we can support multiple IdPs
20:28 pdurbin #info shib-enabled DVNs will probably still need local login as well
20:29 pdurbin #link http://irclog.iq.harvard.edu/dvn/2013-02-13#i_855 discussion of local login and other implications of enabling Shibboleth in a DVN
20:30 marlena Here's one:  Decide on whether you want your IdPs to be part of InCommon.  (Reason: That way you get their metadata in a standard feed.)
20:30 pdurbin marlena: makes sense
20:31 pdurbin I think we've covered a lot of good ground today... I'm pretty much ready to wrap up
20:32 pdurbin The conversation can continue in this channel at any time as far as I'm concerned
20:32 pdurbin people are welcome to pop in with an idea
20:33 pdurbin are we done?
20:33 marlena Thanks, Phil.  Bye for now.
20:33 gdurand Thanks, Phil.
20:34 pdurbin thanks all!
20:34 pdurbin #endmeeting
20:34 zodbot Meeting ended Wed Feb 13 20:33:16 2013 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot .
20:34 zodbot Minutes: http://meetbot.fedoraproject.org/dvn/2013-02-13/dvn.2013-02-13-19.01.html
20:34 zodbot Minutes (text): http://meetbot.fedoraproject.org/dvn/2013-02-13/dvn.2013-02-13-19.01.txt
20:34 zodbot Log: http://meetbot.fedoraproject.org/dvn/2013-02-13/dvn.2013-02-13-19.01.log.html
20:34 zodbot Please remember to CC: meetingminutes@lists.fedoraproject.org on your summary/minutes email.
20:34 pdurbin here are the minutes: http://meetbot.fedoraproject.org/dvn/2013-02-13/dvn.2013-02-13-19.01.html
20:34 gdurand left #dvn
20:43 mcowen left #dvn
20:46 * pdurbin sends out the minutes to the Google Group: https://groups.google.com/d/msg/dataverse-community/_v77HGj4wPk/frXSe0YTNUIJ
20:55 zodbot left #dvn
21:23 pdurbin sbmarks: I'm impressed you threw WAYF out there :)
21:57 sbmarks pdurbin: hehe, I had our systems guy who is very familiar with shib sitting next to me

| Channels | #dvn index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

We've moved! Please join #dataverse instead. The new logs are at http://irclog.iq.harvard.edu/dataverse/today