Proposal for Google Summer of Code 2013 by Rodrigo Aguilera
Name: Rodrigo Aguilera
Contact/Email:
- IRC: rodrigoaguilera on OFTC
- rodrigoaguileraparraga AT gmail DOT com
- Spain, UTC + 1
Background: My name is Rodrigo Aguilera Párraga. I'm in my fourth year of computer science studies at Universidad Rey Juan Carlos (Madrid, Spain). I'm currently studying in Barcelona on an exchange program and I'm going to live here during the summer. I started my career with a two-year technical degree in software development and worked for two years in web development. Then I joined college, but I continue to carry out small web projects and I'm quite involved with Drupal (My profile). This experience has given me some knowledge of how an open source project works: patches, git repositories, how to be constructive in discussions, etc.
I also built, maintain and administer the servers for various non-profit Drupal websites. For example [http://literaturanova.com/] (a literature social network), [http://bicicritica.ourproject.org/] (the bike critical mass in Madrid) and other brochure sites for friends and family.
I'm quite familiar with the main subjects of the project (authentication, cryptography and security) from what I learned in the main and optional courses that a computer science student has to pass to get a degree, but I also deepened my knowledge with a 4-month course on free software server architecture, which covers many of the subjects explained in the book UNIX and Linux System Administration Handbook, plus many subjects about licensing, best practices and how to contribute to an open source project. This last course encouraged me to become a CAcert assurer.
As for programming languages and technologies, I feel comfortable with PHP and Java, but I'm not scared of C or C++ since I have programmed micro-controllers and some learning projects with these languages.
I'm fluent in English and Spanish.
I've added the ability to generate identity files on the fly for valid LDAP users in SimpleID (Pull request).
I really believe in free software and I advocate for it whenever I can. This is a chance to work on the project that I admire the most, and the community will get some advantages, so I think it is a win-win situation.
Project title: One-time-password (token) based authentication and transactions
Project details: Apart from what is described in the project idea this consists of various enhancements to already available software and adding more “glue” between the components that provide some kind of authentication.
I would like to lean more on the SimpleID part at first to get authentication against LDAP without intervention of the admin. Also create an updated SimpleID package for Debian, solving some pending bugs. With this, make a proposal to include SimpleID as SSO in the Debian infrastructure, just against LDAP for the moment.
After that, dig into the OTP protocols, especially CROTP, to implement them in oathtool so the dynalogin server can use them. With this working there should be an alternative method for authenticating with OTP.
This can also be deployed in the Debian infrastructure to allow OTP authentication, supposedly using OpenID.
A way to generate passwords for OTP must be considered, so following the steps of the Fedora project with YubiKeys could be an option.
If there's enough time, integrations between parts can be implemented, like making FusionForge (aka gforge) on alioth.debian.org use this SSO system to make life easier for developers.
Synopsis: Extend the available packages provided by Debian for authentication to achieve wider support for one-time-password schemes, allowing new features to be developed on top of them, like authenticating with OpenID against LDAP or OTP, and integrate that with the Debian infrastructure.
Benefits to Debian: Not only Debian will benefit from these improvements, as these are packages that any distro can include, but developing them in the Debian environment will help to integrate the different parts more easily with the system, and they can be included in some part of the infrastructure that runs Debian, allowing contributors to authenticate in a more flexible way.
Deliverables:
- simpleid against ldap for sso
- working CROTP with oathtool in dynalogin
- deployment for debian.org of the improvements
Project schedule: I can start the last week of May but I can't go full time until after the first week of June
- First week of May - first week of June
  - Meeting with mentors and read documentation and examples to understand what is required
  - Create development environment and other software or hardware requirements
  - Take design and architectural decisions
- Second to fourth week of June
  - Get SimpleID updated, working, enhanced and prepared to work inside the Debian infrastructure
- First to third week of July
  - Implementing CROTP in oathtool according to the RFC
- Fourth week of July - second week of August
  - Mid-term evaluation
  - Make dynalogin use the CROTP protocol
  - Be sure that all the parts work together
- Third to fourth week of August
  - Deploy the work in the Debian infrastructure
- First to second week of September
  - Final changes based on community feedback.
  - Improve documentation, testing...
- Third week of September
  - Final evaluation
Exams and other commitments: two finals on the first week of June.
Other summer plans: If I get accepted I would love to go to DebConf13. No other plans in mind.
Why Debian?: I've been using Debian as my preferred distro since 2006 and since then I believe Debian has given me a lot and now it's time to give something in return.
- Are you applying for other projects in SoC? No