Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

Future WebAuth releases

Adam Lewenberg adamhl at
Tue Dec 1 08:03:20 PST 2015

On 11/30/2015 7:46 PM, Russ Allbery wrote:
> Adam Lewenberg <adamhl at> writes:
>> Currently, we have no people committed to working on WebAuth development
>> at Stanford. As for our plans regarding 4.7.1, we have no plans in place
>> to move to 4.7.1 in the near term, although if there were campus demand
>> we might.
> So, the core of my question was basically "who is currently maintaining
> WebAuth and what are the patch release plans"?  It sounds like the answer
> at the moment is "no one and there aren't any."
> I personally don't use WebAuth at the moment, since my current employer
> doesn't (at least yet) have a need for it, and it's a bit much for my own
> personal needs, particularly since I mostly don't do web-ish things with
> my personal infrastructure.  I'm happy to keep packaging it for Debian,
> particularly since the alternative is probably that it would be dropped
> from the distribution, which would be a shame.  Although if someone else
> were doing that, or at least involved, it would probably be better, since
> I can't really test.
> I still care about reviewing patches and fixing things for people, and of
> course know a lot about the code base, but WebAuth is a large enough thing
> that there's really no way for me to maintain it in my scant free time.  I
> do have a web site up for it, though, and am happy to help with reviewing
> patches.
> It sounds like the broader WebAuth community might want to be thinking
> about a path forward for future releases and maintenance?  I'm happy to
> throw some time into code review and answering questions and so forth.

FYI: There is a group at Stanford looking at the future of web-based SSO 
on campus led by Scotty and Bruce. Jon R., Jon P., and I are also part 
of the group discussion. WebAuth and its future is part of that 
discussion, but no decisions have yet been made. In particular, no 
Stanford resources have been committed to WebAuth enhancement and 


More information about the webauth-info mailing list