Nov 20 2015 Ad Hoc Advisory Group Call

Notes and Action Items: Ad Hoc Advisory Call of Nov. 20, 2015

Agenda for Nov. 20, 2015 at 3pm ET (90 minutes)

Attending: Jim, Keith, Tom, Ann, Emily, Nick, Ken, Paul

Not Available: SteveZ

New Action Items from call of Nov. 20

[AI] (Tom) invite Helen Patton to join the Ad Hoc Advisory Group

[AI] - (Emily) move Ad Hoc advisory charter from Google Doc to a wiki page and link from to Ad Hoc Advisory Wiki page and from TIER working group page.

[AI] (Tom, Ann and DavidW) meet to move forward on the Doc Stewardship doc

[AI] (Emily) put TIER Roadmap on agenda for when SteveZ is on the call

Carry Over Action Item:

[AI] (SteveZ) draft charter for TIER Instrumentation/Measurement working group; Jacob will also work on it

Action Item Review at start of call of Nov 20

[AI] (Ann) update the Ad Hoc Advisory Group charter and remove the preliminary membership that applies to CAPE (DONE)

[AI] (Emily) create on the wiki start for CAPE’s charter (include a bullet for having representation at international conferences) (Started, see https://spaces.at.internet2.edu/display/ASWG/CAPE+Charter+Draft ) (DONE)

[AI] (Ann) continue to update this group on discussions with CIC around launching the Campus Success WG

(Ann reports that there is a meeting with the CIC IdM group in mid-December. Also the CIC CIOs will discuss in their meeting at start of Dec. It will be good to have IDM deployers on this WG)

[AI] (Emily) ask David Walker to give the Ad Hoc Advisory Group access to the TIER Doc Stewardship Draft proposal document (for discussion on the Friday, Nov. 20 call) (DONE)

[AI] (SteveZ) draft charter for TIER Instrumentation/Measurement working group; Jacob will also work on it

Discussion

ICT Focus in Basel, Switzerland - Report-out (postpone for when Steve is on call)

Working Group Updates

Packaging WG (Jim)

calls are weekly, they have had 2 calls.

There are 4 subgroups:

Grouper
Shib
COmanage
Core Packaging

The groups are all meeting together at this point. They are starting a survey on default configurations for the 3 components (Shib, Grouper, COmanage) and packaging environments available on campus

Keith and Paul have joined the calls

Paul: we are lumping a lot into “packaging”

Three issues:

how to deliver the software
installation and customization
ease of use going forward (simple upgrading)

Jim: yes, many topics being covered, all are in scope right now

Paul: suggestion to take the Shib installer and include the Grouper installation

Chris Phillips has shared the perspective from CANARIE

OARnet has an approach that may be of interest

Data Structures and APIs WG (Keith)

There are calls on Wed 3 pm Eastern (for North Americans) and Fridays 9 am Eastern (for international)

Maarten Kremers and Chris Hyzer are participating

Check the scribing google doc for the WG for more details

A first subgroup is focusing on the most Immediate deliverable is compare /contrast of 4 efforts:

Grouper
VOOT v2
CIFER
SCIM 2

The three methods we’re looking at first are:

isMember (or hasMember, for a group/member),
getMembers (of a group),
getGroups (of a member).

These are on the 80/20 list of most-used calls by applications; CIFER has talked about these as ‘Authorization APIs’; Grouper server should be able to take the basic structured data and expose via multiple protocols, i.e. allow apps to request groups/members in their preferred style; for example, support both VOOT2 & SCIM;

A second group has been identified to look at registries APIs, starting with IDMatch which is the most mature API to come out of CIFER

Ken: on the Consent internals call, Marlena has been actively participating,

The Consent Internals group will consult with the TIER API group

Security and Audit WG (Tom)

Tom: Helen Patton, CISO at OSU will chair. She is connecting with Mike Zawacki (flywheel)

Tom: CTSC News: Bart Miller and Alyssa Hayman do software assessment training and tools. They have agreed to join the Security WG and assist w assessment. Tom also spoke w Susan Sons. She is also happy to help.

Goal is to recruit for WG members during Dec and start calls in Jan. 2016.

Should Helen join this Ad Hoc Advisory group? Or wait until the Ad Hoc status ends?

[AI] Tom invite Helen Patton to join the Ad Hoc Advisory Group

Measurement WG (Steve)
TIER Component Architects Group (Steve)

On the Component Architects calls, there has bee discussion of using common tools, using Community Forum for support /help, using Docker, etc.

Will TIER distributions include the patches? Jim: the community will expect yes.

expectation for “curated” software.

TIER developers may be able to produce some of the packaging elements. (verify this w SteveZ on a future call perhaps)

Question: when there’s a Shib patch, who distributes that to TIER customers?

Use something similar to the Red Hat distribution model?

We should discuss this topic w SteveZ and Ann and clarify the approach

Ken: refactoring, e.g. translating "geek" names into more friendly names-- was discussed on the Component Architects call.

Tom: when will there be a more detailed TIER roadmap that tells things like “when will the TIER person registry be available?”

There was a preliminary strawman roadmap /timeline that is now probably out of date

-what about updating that?

-who should do that?

-it should be run by the component architects..

-Will discuss when SteveZ is on the call

[AI] (Emily) put TIER Roadmap on agenda for when SteveZ is on the call

Finalize charter for this short-term Ad Hoc Advisory Group

Charter should be shared w TCIC and w TIER Investors.

Provides transparency on how we are bootstrapping TIER

charter was Approved by the Ad Hoc Advisory Group

AI - Emily move Ad Hoc advisory charter from Google Doc to a wiki page and link from to Ad Hoc Advisory Wiki page and from TIER working group page.

Next Steps on CAPE charter - plot our course, identify initial editor(s)

Goals: charter for CAPE in January 2016, end Ad Hoc Advisory group in March 2016 and convene CAPE.
Work on the CAPE charter will be handled on a future call

TIER Doc Stewardship Draft proposal

Purposes of the documentation stewardship guidelines:

important documents should remain referenceable
need clarity on docs and how formal/informal they are
for community engagement feedback
need to know status of docs
need transparency for Trust and Identity workflow
put documents in bright lights (for community review, etc) at the correct times
Each doc should have a section that identifies important facts about it (is it guidance doc, is it a requirements doc?)
Internet2 should have a common practice for document management
By having a published process for documents, this can give more standing to documents (like IETF has)
Q: should the guidelines apply to product doc, training materials and source code? What about charters? What about Federation Operating Practices?

Keith: yes, training materials are “official”
Jim: training materials are wiki like and can morph with the release

Q: same workflow for training materials as for specs?

Keith: review stage is flexible as written
for source code, it’s included in a release, it does not belong in a document stewardship model
for charters, some are important to vet (example the CAPE charter)

Q: what will the review process look like?

need to narrow/scope down the categories of docs being considered and then we can decide the review process
Ken: communications documents around a product do not need to be considered official
Keith : ‘specifications’ and ‘guidelines’ are terms that are close to defining the desired scope of this document stewardship process. The term “official” is too broad.
Content management

Should there be a submission process to get a doc into the flow?

Process for moving forward? Give feedback to DavidW ? edit it directly?

Ken: are there other similar processes within Internet2?

Would eduroam documents fit into this Doc Stewardship framework

Tom: Normative docs would fall within this framework. Guidelines would be within the framework, training materials would not.

Maybe Ann should socialize this with other leadership areas in Internet2

Should we ask HeatherF, Nicole for wisdom from their experience from IETF etc?

Consult with Joni Brennan?

Ann: yes consult with Nicole. Normative documents will be used internationally

Jamie from OASIS