CACTI Call, Tuesday, June 22, 2021
Attending
Member
- Rob Carter, Duke, (Chair)
- Les LaCroix, Carleton College (Vice-Chair)
- Marina Adomeit, SUNET
- John Bradley, Independent
- Margaret Cullen, Painless Security
- Michael Grady, Unicon
- Kevin Hickey, Detroit Mercy
- Marina Krenz, REN-ISAC
- Chris Phillips, CANARIE
- Bill Thompson, Lafayette College
Internet2
- Kevin Morooney
- Ann West
- Nicole Roy
- Emily Eisbruch
Netta Caligari
Regrets
- Joshua Drake, Indiana University's Center for Applied Cybersecurity Research, regrets Matthew Economou, InCommon TAC Representative to CACTI
- Stoney Gan, University of South Florida
- Barry Johnson, Clemson
- Jeremy Perkins, Instructure
- Steve Zoppi, Internet2
Action items from March 30, 2021
- AI - Rob and Les - slot the user centric identity topic into a future CACTI agenda
- AI - Rob and Les - form ideas to share with CACTI for continuing the secrets management discussion with others in the community
Action items from March 16, 2021
- AI - Rob reach out to the CACTI email list to start to gather contacts and use cases for upcoming discussions around OIDC.
- AI - Rob reach out to leaders of MidPoint/Banner Integration working group to talk with CACTI re: Banner, (AnnW did intro with MattB) . (Note Banner WG is folding into the MidPoint WG)
Discussion
- Administrivia
- Internet2 Intellectual Property Agreement reminder
- CACTI Charter pointer
Announcements
- TNC (online meeting) is this week (https://tnc21.geant.org/)
- Previously TNC was called the TERENA conference
- The conference is on European time, meetings start early for Eastern Time Zone
- This is a challenge of global online meetings
- Last year TNC was cancelled
- It was noted that the online conference is going well, chat features are helpful
- IAM Online planning ongoing, date changed to Wed., August 11th
- Topic is around Secrets Management
- Security focus, including Supply Chain security
- Relationship to SolarWinds
- Planning meeting for the IAM Online is this Friday June 25
- IAM Planning subgroup met with Trust and Identity Software Integration Working Group, that working group is interested in this opportunity, may meet with them again
- Link to the skeleton presentation;
- need to fill it in more
- We are still shaping the message message CACTI wants to advocate for in this area
- We want to get people to the table, help people to be more effective in their onsite security.
- If you are running Shibboleth SP, Windows Boxes, see security announcement from today, June 22, 2021 https://shibboleth.net/community/advisories/secadv_20210622.txt
Welcome and Intro: Netta Caligari, InCommon Community Program Manager
- Netta is based in Fort Collins, Colorado
- Comes from a start-up around digital engagement
- Worked at Colorado State University previously
- Netta will be working to support Trust and Identity advisory committees
- She will also be lead for IAM Online, CAMP and Advance CAMP
- Goals include
- Streamlining how the community works and ensuring resources are findable
- Help with getting review and awareness for the community's work
- Highlighting community stories
- She looks forward to learning about CACTI’s priorities
- Feel free to reach out to Netta jcaligari@internet2.edu
Rolling updates from CACTI members at the top of each call?
- It can be a challenge getting cross fertilization and different voices heard on the CACTI calls
- Suggested new approach to create more opportunities for broader involvement
- Ask CACTI members to report back on outside conferences, committees and involvements
- The approach of having “reports” from various advisory committee members has worked well in InCommon TAC, works well at Duke
- incorporating pre-reads can help
- Plan is to ask a CACTI member to present a topic about 1.5 weeks in advance of the CACTI call where they will present
- Ideas for next time (Colonial pipeline briefing - Josh; FIDO Alliance)?
- Logistics - Nicole will ask for volunteers and/or “voluntold-ing” people (will miss the next call due to some OoO time, however)
Community Outreach - Continuing the discussion
- It's important to keep in touch with other identity organizations (the identerati)
- Connection with the IDPRO community is one way https://idpro.org/
- Where else can we look for external communities connected with trust and identity?
- KevinH: suggestion to reach out to Microsoft
- Kevin M:
- InCommon does not have a sales team
- we maintain and curate a vast network of people who know we exist
- We get “sales” through spinning and maintaining a web
- If we properly shape and position the web, we will catch things important to us
- Helpful to expand our web
- Could be interesting to do an inventory of how we are doing
- IETF is an organization where Internet2 staff and committee chairs used to spend much time in the IETF world. Less so now
- Gartner is an organization that convenes people in Higher Ed https://www.gartner.com/en/consulting
- AACROA - Ann West has done a lot of work with this organization https://www.aacrao.org/who-we-are
- InCommon Steering has emphasized the need for a greater focus on the value proposition
- Rob noted that the component architects have talked about sustainability
- what are best approaches to identify and cultivate new leaders to have in place for when a current software team lead or other leader retires?
Next CACTI Meeting: Tuesday, July 20, 2021
(NOTE: The July 6th CACTI meeting is cancelled in observance of Independence Day (US))