CACTI Meeting Public Minutes 6-Feb-2018

Attending

  Members

• Chris Phillips, CANARIE (chair)
• Warren Anderson, University of Wisconsin-Milwaukee /LIGO  
• Rob Carter, Duke  
• Nathan Dors, U Washington  
• Jill Gemmill, Clemson  
• Ann Harding, SWITCH/GEANT  
• Todd Higgins, Franklin & Marshall College  
• Tom Jordan, U Wisc - Madison  

  Internet2

• Kevin Morooney
• Emily Eisbruch

  Regrets

• Tom Barton (U. Chicago)
• Karen Herrington (Virginia Tech)
• Christos Kanellopoulos (GEANT)
• Les LaCroix (Carleton College)
• Ann West (Internet2)
• Steve Zoppi (Internet2)

New Action Items

[AI] (Kevin)  carry back to the Trust and Identity Project Management team the feedback that the proposed format for collecting/ reporting Working Group monthly status looks good, and that CACTI is sensitive to not overburdening the WG chairs

[AI] (Emily) discuss with David Walker and team question of adding to Trust and Identity Document Repository conference presentations and IAM Online Webinars. CACTI does not want to generate huge effort however.

Action items lists here: https://spaces.at.internet2.edu/x/GoPdB
[AI] (Emily) will remove Jill’s action item since CarC is on hold (done)

DISCUSSION

improving communication about working group accomplishments and international activities 

• The Internet2 T&I project managers shared a suggested format for information sharing about working groups.  
• It was agreed that this format will increase visibility between the working groups.  
• Perhaps add “what can CACTI help with, if anything?”
• [AI] (Kevin) will carry back to the Trust and Identity Project Management team the feedback that this format looks good, and that CACTI is sensitive to not overburdening the WG chairs

Document Stewardship Framework Update

• Document Stewardship slides recently presented to the InCommon staff were shared with CACTI 
• The question was raised about keystone presentations from Tech Ex and other conferences? Should they be in the doc repository? What about IAM Online presentations?
• [AI] (Emily) discuss with David Walker and team the question of adding to Doc Repository conference presentations and IAM Onlines. CACTI does not want to generate huge effort however.
• Suggestion to add links to old doc in “superseded” metadata field of doc repository. Emily will move this suggestion along.

CACTI F2F at 2018 Global Summit

• We have requested a one-hour time slot for a CACTI F2F at 2018 Global Summit in San Diego- anticipate Tuesday May 8 Breakfast PT
• agenda TBD, in person attendees TBD as well.
• ChrisP will not attend Global Summit, Tom Barton will chair and ChrisP will dial in
• Warren will not attend, AnnH will know within a week or two if she will attend
• If there are only a small number of CACTI members at Global Summit, we may have a small CACTI meeting or not, to be decided
  
  

Community Reports  

Edugain steering group & impacts by Internet2 Deployment Profile Working Group

• New saml profile being finalized. Kantara interop profile needs updating. Kantara profile is aspirational
• Still some tweaks but progressing and expected to become the default eduGAIN SAML profile in 30-60 days(estimated)
• Relevance to CACTI and T&I interests:
• Impact to incommon and others
• anticipated to be light however the topic being navigated is how to have a profile that has the right MUSTs for the right reasons.
• Key point: AD FS and other technologies could be marginalized and in turn cause overall grief which eduGAIN SG policy subgroup is aware of and working out a course of action.

Internet2 Deployment Profile Working Group outputs of SAML2int work is referenced in eduGAIN SAML2 profile

• Challenge: WG work for SAML2int is a resulting document that 'this is what to strive for' (ie perfection) rather than a specification of sufficiency.
• Result: Other referring documents need to be careful when saying 'MUST comply with SAML2int work' as it is a very tall order.
• This is the challenge eduGAIN SAML2 profile is trying to navigate

eduGAIN incident response being looked at

• Recent events (Robot TLS security advisory and XMLTooling in Shibboleth) highlight a need for eduGAIN to improve/formalize incident response
• there is no documented one other than best practices
• conversation in progress Chris, Shannon R., Nick Roy and a few others for next ESG meeting.
• Q to CACTI: beyond drawing from I2 incident response behaviour, are there things to be drawn from this?
• The SIRTFI framework is key, https://refeds.org/sirtfi but it does not include all needed elements

Eduroam global governance committee meeting

• First convening of this session.
• Aiming to collect "What key items should eduroam ( in context with geant work plan) focus On?
• Ask by Canada (ChrisP) with USA (AnnW):Is there a current best practices doc/definition for Anycast and radsec technology technology and techniques for scaling services as both regional operators are looking at their architectures.
• OpenID Connect activity in the federation space - new models emerging and impact to current work?
• It appears that there is no longer a 'single' federation model but multiple styles.
• It is unclear if there is a preferred one for eduGAIN and seek feedback from CACTI group on interests and feedback.

Thoughts from OIDC Working Group

• AnnH: Idea is to continue with federation implementation and do pilots, but also consider there may be other ways to deploy versus the native OIDC federation.
• However hope to avoid endless variations
• Roland’s standardization work is relevant. AnnH will provide the links
• Interoperability is important
• Test OIDC federation would be helpful
• ChrisP: there is much opportunity in OIDC space, need to work strategically.
• Background:
  • See: http://lists.openid.net/pipermail/openid-specs-ab/Week-of-Mon-20180129/006707.html
  • (GÉANT GN4-2 T3.1pilot) outcome of the Amsterdam meeting:
  • https://github.com/alejandro-perez/fedoidc/blob/multifederation/doc/howto/multifederation.md

Next CACTI Call: Tuesday, Feb. 20