CACTI notes of Tuesday, September 14, 2021

Attending

Members

  • Rob Carter, Duke, (Chair)
  • John Bradley, Independent
  • Joshua Drake, Indiana University's Center for Applied Cybersecurity Research
  • Matthew Economou, InCommon TAC Representative to CACTI
  • Stoney Gan, University of South Florida
  • Michael Grady, Unicon
  • Kevin Hickey, Detroit Mercy
  • Marina Krenz, REN-ISAC
  • Barry Johnson, Clemson

Internet2 

  • Steve Zoppi 
  • Nicole Roy
  • David Walker
  • Kevin Morooney

 

Regrets

  • Les LaCroix
  • Bill Thompson
  • Chris Phillips
  • Ann West


Action item review

  • AI Rob - touch base with Marina Adomeit to schedule Discovery / Seamless Access  as a future topic for CACTI.  Action Item from Aug 17 , 2021
  •  AI Rob -- reach out to JohnB and Shilen about the U2F issue  Action Item from Aug 3 , 2021
  • AI  Rob,  Les and Nicole - work on putting structure around the discussion of CACTI Spheres of Influence. Action Item from July 20 , 2021
  • AI - Rob and Les - slot the user centric identity  topic into a future CACTI agenda. Action Item from March 30, 2021
  • AI - Rob reach out to the CACTI email list to start to gather contacts and use cases for upcoming discussions around OIDC.  Action Item from March 16, 2021

Discussion

  Administrivia

  1. Please say your name when you start to speak, until we learn each others' voices
  2. Please ask colleagues to define terms, expand acronyms, etc, until we learn each others' jargon
  3. It's ok to challenge your colleagues in pursuit of quality of discourse. Hopefully in a nice way
  4. Please disclose any conflicts of interest you may have in any of the agenda topics, and potentially excuse yourself from the relevant conversations
  5. Internet2 Intellectual Property Agreement reminder
  6. CACTI Charter pointer
  7. Agreements:

Announcements and Updates

  1. InCommon Federation Manager application move to AWS
    1. Happening on Wednesday, September 29, after metadata signing. 5 p.m. PT.
    2. It’s previously been running on premise by Internet2.
    3. The Federation Manager is the tool Participants use to manage their federation metadata. Originally written by IJ Kim, it is currently developed and maintained by InCommon operations in cooperation with a software development partner agency.
    4. This will start moving FM into an automated staging process. We don’t currently deploy automatically to production; that requires a click by an authorized person.
  2. eduroam transition to InCommon operations
    1. There are ~1000 IdPs in eduroam, ~600 in federation. This correlates roughly to # universities. Federation also has SP-only participants, though.
    2. Eduroam’s backend is being upgraded. Part of upgrade will move its administration functions into the FM.
  3. IAM Online Wednesday (WG involvement)
    1. Rob will be presenting about CACTI tomorrow (9/15/2021).
    2. It’s all T&I working groups, so each group will have limited time.

Community Update

  1. (Skipped due to lack of a presenter…)

Deployment Guide Development Process / Working Group Design

  1. It’s easy for CACTI members to “know” what’s needed, but we don’t have the wider community’s perspective, so we risk missing the mark.
  2. CACTI’s origins are largely in MACE. CACTI inherited both a “push” function to orchestrate work, as well as strategic tracking where the “puck” is going in the future.
    1. Kevin counts on CACTI to be as neutral as he needs to be with respect to federation, eduroam, trusted access platform, etc.
  3. Internet2 relies on community input/feedback to know what it should be doing on behalf of that community.
  4. It’s hard to get people to buy a new car, as opposed to a faster horse. (Henry Ford said if he'd asked what people want in a car, he'd be told a faster horse.). It’s not always best, though, for consumers to buy a new car.
    1. Is Azure a new car or a faster horse?
  5. We not only need to ask what people want; we need to ask what they’re doing to see if we can propose a better solution.
  6. Should we survey the community? Is the community up for another survey?
    1. TAC and CTAB have good examples of surveying the community.
    2. Baseline Expectations has been very successful at getting community input.
    3. It's best to get community members to take the lead.
  7. Perhaps next step is to draft a charter?
    1. Interim step would be for CACTI to list concerns.
    2. Rob screen-shared lists of concerns and “community practice/validation”
      1. https://docs.google.com/presentation/d/1zgb8WHgVr5Oru2BS3vVcYJ6muuN4q_tJxDu2lVh5C_E/edit#slide=id.p
  8. The install/upgrade model should be simple and reliable like “apt-get.” We need to be sensitive to how people can keep up to date. If we believe Kubernetes, for example, is part of the solution, we need to consider the full range of requirements for platform and expertise.
  9. We need to be thinking ahead. Funding and other issues make this lead time at least 18 months for Internet2.
  10. Kevin Hickey has migrated form “TAP” tools to Azure. Cirrus Identity has a product that makes federation participation possible from Azure. This is a valuable model.


Next CACTI Meeting: Tuesday, September 28, 2021

  • No labels