Attending
Members
- Chris Phillips, CANARIE (chair)
- Warren Anderson, University of Wisconsin-Milwaukee /LIGO
- Tom Barton, University of Chicago
- Rob Carter, Duke
- Karen Herrington, Virginia Tech
- Todd Higgins, Franklin & Marshall College
- Tom Jordan, University of Wisc - Madison
- Christos Kanellopoulos, GEANT
Internet2
- Kevin Morooney
- Ann West
- Steve Zoppi
- Nick Roy
- Jessica Coltrin
- Emily Eisbruch
- Romy Bolton
- Mike Zawacki
Regrets
- Les LaCroix, Carleton College
- Nathan Dors, U Washington
- Jill Gemmill, Clemson
- Marina Adomeit, GEANT
Discussion
Zoom security issue
- PSA: Update your Zoom and, if on a Mac, read and review edits to stay safe: https://medium.com/@jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5
Welcome New Internet2 Staff
- Jessica Coltrin, InCommon Community Advocacy Program Manager
- has been the InCommon TAC rep to CACTI (previously Jessica was with Portland State U and Kuali Foundation)
- Jessica will be handling processes around working groups and engagement
- Looking at new ways of working with the community in addition to working groups
- Romy Bolton, Project Manager
- replacing Eric Murtha. Erin is now focusing on Training and Collaboration Success program
- Romy comes to us from U of Iowa
eduroam Advisory Committee charter
- consultation is live, ends July 24
- Good feedback from the community so far on this consultation
- Have promoted the draft charter consultation on the regular monthly calls with regional networks
- ChrisP will work with MikeZ to get addressing the input on the agenda for an upcoming CACTI call
- Membership on eduroam Advisory Committee:
- There are already 3-4 volunteers to serve on the eduroam Advisory Committee.
- Jessica will likely help with the nomination process.
TNC roundtable / debrief
https://refeds.org/40th-meeting
- Chris, Ann, Tom, Nick, Marina, Christos attended
- OIDC Federation challenges (link to presentation track)
- Concern about trend of decreasing participation on the calls
- next draft to be submitted to IETF
- High level of complexity to support the new model of OpenID Connect, as complex as or more complex than multilateral SAML
- Is proxying good enough?
- ChrisP: trust model is critical regardless of protocol
- InCommon Federation MDQ work is promising
- Mobility Day TNC19 - check with ChrisP for more information if you are interested
- Australian access federation and VerifID
- interesting work with service providers to monetize attributes.
- Services like VerifID are used to provide evidence of studentness.
- VerifID has tried to join InCommon, but schools have not wanted to sponsor VerifID.
- Some fear of VerifID potential use of attributes. Australian Access Federation (AAF) has solved this and it helps offset fees for participation in the AAF
- GEANT wants to be able to verify studentness also, to help with student mobility
- SURF model of release of R&S attributes to provider, Intermediary between IDP and SP, like verification but higher purpose. Brokering name and email address, not just studentness
- Goal to increase friendliness for users and for SPs
- Strong authentication is becoming more prominent and may be putting pressure on the MFA story
- Prediction that username and password will become weird (cease to be used regularly) in a few years; Web Authentication (WebAuthn) will become the norm, FIDO technologies moving along. We should talk with the Shib consortium about supporting this
- Comment: Authorization is more important than authentication to SPs. It’s about release of info/attributes
- What is the role of the IDP in the WebAuthn world?
- In Europe, in many cases, campus IDPs are not involved with student management systems. Going towards an attribute centric approach.
- For LIGO there is value for the IDP to be doing identity matching; this is a value the campus ID will continue to have in the WebAuthn world
- Federation 2.0 F2F Working Group meeting after TNC was productive.
https://wiki.refeds.org/display/GROUPS/Federation+2.0
- Defined 2 axes and their semantics
- Agency, autonomous and directed
- Opportunity, from limited to abundant
- There will be four stories, one for each quadrant
- To frame strategies for R&E federations to consider adopting
- Diverse group participated
- Will do gap analysis and prepare for possible futures
- The Federation 2.0 group will wrap up early in 2020
- Baseline Expectations at TNC
- InCommon Baseline Expectations were shared at TNC, including at REFEDS.
- The Baseline Expectations story was well received
- People were impressed by the number of FTEs / size of effort required to get adherence
- Nicole Harris of REFEDS has started outreach on international baseline through REFEDS, Albert Wu has volunteered to serve
https://wiki.refeds.org/display/ASS/Baseline+Expectations
SameSite Chrome browser update causes grief (Nick or maybe Nathan?)
- Background: https://lists.refeds.org/sympa/arc/refeds/2019-07/msg00010.html
- Chrome is updating how cookies are handled, will likely hit in 2020
- Concern for commercial SPs who have written their own software.
- TAC appears to be tracking and formulating thoughts on it.
- Will be discussed on next week’s TAC call
- OIDC open letter: https://www.zdnet.com/article/openid-foundation-says-sign-in-with-apple-is-not-secure-enough/
- T&I Hackathon September 2019 in Copenhagen https://wiki.refeds.org/pages/viewpage.action?pageId=44959235
Topics being tracked
- "Sign In With Apple": WUWT?
- https://techcrunch.com/2019/06/03/apple-sign-in-privacy/
- OpenID Foundation reacted to this development
- Will this do damage to OpenID Connect or OAuth?
- There are worrisome privacy implications in what Apple is doing
- Continue prioritizing CACTI FIM4R recommendations (Chris/Jill)
- infrastructure, services to end users, software dev, infrastructure as a service, and outreach and education
- Focus of conversation: to identify high priority items/quick wins in the above areas
- Build on last meeting's outcomes focusing on the 5 areas we highlighted
- ID Pro (Chris has next touch point)
- Future Agenda items: Attribute release issues
Next Call: Tuesday, July 23, 2019