[aerogear-dev] AGSEC - Roadmap

Bruno Oliveira bruno at abstractj.org
Fri May 24 06:38:26 EDT 2013


Do you mind in create an umbrella "Unified push" and convert these tasks 
to sub-tasks?"

Matthias Wessendorf wrote:
> Hi Bruno,
>
> while was doing some JIRA "work" :) as well, I felt like entering these
> items to our AGSEC instance:
>
> https://issues.jboss.org/browse/AGSEC-50
> https://issues.jboss.org/browse/AGSEC-51
> https://issues.jboss.org/browse/AGSEC-52
> https://issues.jboss.org/browse/AGSEC-53
> https://issues.jboss.org/browse/AGSEC-54
>
> Perhaps they will need to be converted into "sub-task" of other,
> related, tickets, but I felt like: "Better hammer them in, instead of
> forgetting".
>
> Greetings,
> Matthias
>
>
>
>
> On Thu, May 23, 2013 at 11:32 PM, Bruno Oliveira <bruno at abstractj.org
> <mailto:bruno at abstractj.org>> wrote:
>
>     Mahalo, here comes my proposal to AGSEC roadmap. Disclaimer: some tasks
>     are related with JS, iOS and Android. I don't want to push tasks to the
>     other teams, so feel free to assign to me as needed.
>
>     Again, feedback is more than welcome.
>
>     Gist: https://gist.github.com/abstractj/b50cee4eb8163ccf4c26
>
>     # AeroGear Security - Roadmap
>
>     ## 1.0.1
>
>     * Bug fixes on examples and updates on AeroGear Security
>
>     * AGSEC-16: Support for multiple roles for AerogearUser (TBD with
>     sblanc)
>
>     * AGSEC-29: Documentation with the overview and description on AeroGear
>     Security
>
>     * AGSEC-36: Add a method to retrieve all registered users on the
>     AuthenticationManager interface (TBD with sblanc)
>
>     * AGSEC-36: Add CRUD methods for AerogearUser
>
>     * Initial support for OTP on JS
>
>     ## 1.1.0 (Mid June)
>
>     * AGSEC-13: Add HTTP basic authentication support to the client side
>
>           * AGDROID-27 Add HTTP basic authentication support on AeroGear
>     Android (done by summers)
>
>           * AGIOS-4 Add HTTP basic authentication support on AeroGear iOS
>     (christos is on it)
>
>           * AGJS-18 Add HTTP basic authentication support on AeroGear.js (I
>     can help on it, I'm just following the JS roadmap)
>
>     * AGSEC-18: Add session management support
>
>     * AGSEC-27: Provide a detailed specification and which kind of
>     authentication schemes will be supported
>
>     * AGSEC-28: HOTP support
>
>           * AGDROID-30: Add HOTP support to aerogear-otp-java
>
>           * AGIOS-1: Add HOTP support to aerogear-otp-ios
>
>     * AGSEC-30: Unified Push (Add Client Access Key)
>
>     * AGSEC-31: Evaluate non repudiation for each application on the server
>
>     * AGSEC-34: Unified Push: Sec: Add Security Framework to PushEE
>
>     * AGSEC-48: Add Apache Shiro support on AeroGear Security
>
>
>     ## 1.2.0 (Mid August)
>
>     * AGSEC-6:      Encryption for mobile devices
>
>           * AGDROID-34 Implementation and API usage for android crypto
>
>           * AGIOS-3 Implementation and API usage for iOS crypto
>
>     * AGSEC-15: Add HTTP digest authentication support to the client side
>
>           * AGDROID-10 Add HTTP digest authentication support on AeroGear
>     Android  (Summers)
>
>
>           * AGIOS-5 Add HTTP digest authentication support on AeroGear iOS
>     (Christos)
>
>           * AGIOS-6 Provide a parameter on iOS to enable/disable the usage
>     of cookies       (abstractj)
>
>           * AGJS-23 Add HTTP digest authentication support on AeroGear.js
>
>     * AGSEC-26: Authentication schemes for mobile devices
>
>     * AGSEC-49: Add Hawk support on AeroGear Security
>
>
>
>     ## 1.3.0 (Mid October)
>
>     * AGSEC-2: Secure storage and cache
>
>           * AGSEC-7: Provide a detailed specification about how it
>     should work
>
>     * AGSEC-3: Url and Forms that perform important operations must be
>     protected by random tokens (hidden nonce values)
>
>     * AGSEC-4: Authentication of RESTful requests per transactions must be
>     provided as alternative on AeroGear Security
>
>     * AGSEC-14: HTTP signed requests
>
>     * AGSEC-17: Mobile devices blacklist support
>
>
>     ## 1.4.0 (Mid January)
>
>     * AGSEC-12: Offline authentication
>
>     * AGSEC-25: Include rate-limit to incoming requests from the same origin
>
>
>     ## 2.0.0
>
>     * AGSEC-5: Social login
>
>           * AGSEC-8: Provide a detailed specification about which methods
>     will be supported
>
>     * AGSEC-19: Security & privacy policy (geo, user, misc data)
>
>     * Biometric authentication (TBD)
>
>
>
>
>     _______________________________________________
>     aerogear-dev mailing list
>     aerogear-dev at lists.jboss.org <mailto:aerogear-dev at lists.jboss.org>
>     https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
>
>
>
> --
> Matthias Wessendorf
>
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev


More information about the aerogear-dev mailing list