Please give some orientation about how to follow the active development concepts regarding groups, permissions, (federated) authentication and encryption

Looking for the right place for information about RBAC, SAML and encryption
   

Hi – this page is just created because I am not able to find the right place to follow… this btw might be seen as an indicator of a usability issue with CG, from what I see after login I totally cannot understand the structure of anything, it is kind of non-existent, only different content-types like discussion, wiki etc., but these are no help in differentiating the actual content… also I cannot find things I have read some time ago, a typical issue of missing content categorization, just a sidenote and as an explanation why I post this page out of pure despair and because I feel lost :)

Also there are some old questions by me that have never been answered – that is why I am trying to pose these questions here for a second (and last) time, just in hope that they are better visible then… but I do not want to be obtrusive and if you would rather stay amongst yourselves I will not disturb here any more :)

I would like to follow these topics:

A) What are your actual concepts about groups and permissions?

Seems like you have learned something about misconceptions in the old crabgrass code, that would be interesting to read about. What are your lessons learned, your conclusions and which direction are you going now? Are you adopting existing patterns and standards like RBAC or are you going to reinvent the wheel?

B) Authentication, Authorization, Federation

On some wiki page here I read something about “federation” – would be interesting to learn what your plans are about this area? Are you integrating a federated login solution like SAML 2.0 or Shibboleth? This will put crabgrass on a completely different quality level, especially in the academic world supporting federated login is a basic requirement. I could not find any actual development docs about this issue.

C) Encryption

There is no indication in the code about how encryption is taking place – I assume that dmcrypt or some other kind of system level encryption is in effect, which just makes sense if the system is put offline. Are there any plans of implementing encryption on an application level, e.g. encrypting content of groups with a group-specific key or anything that is heading into the direction of this kind of “in-app-encryption”? Also encryption of private messages would be an interesting feature, that could certainly be implemented more easily than encryption for groups – is anything like this in your scope?

D) Feature Requests – where to put and discuss them?

If I was just blind and did not find the latest info about these issues, please excuse me and just point me to the right pages, thanks!

Thank you very much for your attention,
Snaky