Page tree
Skip to end of metadata
Go to start of metadata



CACTI Meeting at Tech Ex in New Orleans
Tuesday, Dec 10, 2019




  • Tom Jordan, University of Wisc - Madison (stand in chair for this meeting)  
  • Chris Phillips, CANARIE (chair) - remote
  • Marina Adomeit, SUNET 
  • Tom Barton, University of Chicago  
  • Rob Carter, Duke   
  • Jill Gemmill, Clemson   
  • Karen Herrington, Virginia Tech   
  • Christos Kanellopoulos, GEANT  
  • Les LaCroix, Carleton College 
  • Matthew Economou, InCommon TAC Representative to CACTI  

 New CACTI Members as of January 2020

  • Margaret Cullen, Painless Security  
  • Michael Grady, Unicon 
  • Bill Thompson, Lafayette College  


  • Kevin Morooney  
  • Ann West  
  • Steve Zoppi  
  • Nick Roy 
  • Jessica Coltrin  


  • Warren Anderson, University of Wisconsin-Milwaukee /LIGO
  • Nathan Dors, U Washington  
  • Todd Higgins, Franklin & Marshall College  




CACTI Membership

  • First membership transition since the inception of CACTI 

    New members:

      • Margaret Cullen, Painless Security
      • Bill Thompson, Lafayette College
      • Michael Grady, Unicon

    Member with renewed three-year term:

      • Rob Carter, Duke University

    Existing members:

      • Chris Philliips, CANARIE (Chair)
      • Karen Herrington, Virginia Tech
      • Les LaCroix, Carleton College
      • Marina Adomeit, SUNET
      • Tom Jordan, University of Wisconsin - Madison
      • Christos Kanellopoulos, GÉANT
      • Jill Gemmill, Clemson University
      • Nathan Dors, University of Washington

    Departing members:

      • Warren Anderson, LIGO Scientific Collaboration
      • Tom Barton, University of Chicago
      • Todd Higgins, Franklin and Marshall College

    Welcome new members, thanks to continuing members, special thanks to departing members.

Officer nominations process

  • Everyone is automatically nominated for chair and vice-chair by default, unless you opt-out
  • Chair runs meetings, vice-chair runs them in absentia
  • Chair/vice chair meet with flywheel (Nick) to set agenda
    • Would be good to have people add a self-submitted blurb about each candidate (if supplied)
    • Deadline for opt-outs/blurbs will likely be next week sometime.
    • Jessica will send out an email to the group with details after this meeting

CACTI directions 2020 conversation

    •  Important questions
      • What does CACTI need to be to support T&I operations within the community at large?
      • Looking inward at our institutions, what is happening there, and communicate that to others - so we are grounded in real needs, and share a basis for action.
    • Where do we think we need to go as a group to serve those two broad areas?

               CACTI Charter:

      •   Review of some points from the CACTI charter 
        • Standing architecture strategy group of community members chartered by the Internet2 Vice President for Trust and Identity
        • Strategic architectural input to Trust and Identity activities
        • Create & manage working groups
        • Broadly share info of relevance
        • Maintain public and timely proceedings
        • Collaborate / engage nationally and internationally
      • Sustaining federation as an activity, and sustaining the rest of the portfolio that leads into federation
      • What do we need to do right now so we get where we want to be a few years down the road?
      • Have talked  about training and sustaining through InCommon Academy, BaseCAMP, etc. in order to grow IAM professional base in R&E.

      • Kevin  - TI leadership highly aligned and spend a lot of time with each other.
        • Detected in FIM4R, REFEDS, some of the same themes we are discussing in CACTI planning, and among TI leadership.
        • Not sure we have ever been this highly aligned before.
        • We - the entire community, managed to all get on the same page, be self-aware/self-organizing.
        • Community is at a place it had strived to be at for 15 years. Now there is a global pause about “what is next”?
        • Have a lot of good technical perspective on CACTI
        • Kevin/Ann/TomB have to engineer communications strategies, which are pretty different from defining technical solutions.
        • Have to do a whole lot of additional engagement. Where we’ve been was deeply and wholly technical. Have to continue doing work in that lane, but it’s not enough. The rest is all the other stuff. Need to ask for a lot of extra help for that part that this group isn’t good at (right now).
        • “Having the answer is 1% of the solution”
        • Important to pick “the right things” to do. How do you say “no”? You have to finesse it.
        • Goals between GÉANT and Internet2 are the same, but the tactics can’t be the same.
        • Clarity-seeking process involves a lot of things. At some point, someone has to take a step forward, make a case for action, and communicate that so decisions can be made.
        • Need to make it easier, and make people aware that it’s not difficult, or if it is, taking that feedback and improving it.
        • Engaging a key group to interview on case studies. Example: IPv6 didn’t really happen until they convinced the 3GPP to use it.
        • May not be convincing university IT to want this, it’s convincing someone else. Who are those others?
        • Another GÉANT-I2 contrast. Here, we keep gravitating toward talking about tools. With the stakeholders in the EU, it’s always a conversation about capabilities.
        • Promoting technologies doesn’t get you far with the target communities. The communities care about what they want to do/what this can enable.

      • It is important to see other legs of the stool beyond teaching (InCommon Academy).
        • Shaping the other parts of a workplan: Engagement with communities of practice.
        • Before developing the workplan, we need to ask “What impact do we want to achieve in what timeframe?”
        • Start with a shorter timeframe: suggest 2-3 years.
        • Understanding who pays our bills: CIOs
        • Understanding our value: Collaboration in teaching, learning and research, which isn’t always coming out of the CIO budget.
        • Other types of “FIM4” we should engage- example Seamless Access, research librarians and FIM4L. Need analogues to that.
        • Top 7 EDUCAUSE CIO priorities for the  last 10 years: research isn’t one of them.
          • Teaching and learning is always at the top of the list.
          • Can we tell the story that our work is valuable for saving money, consolidation, deduplication of effort, support for the teaching and learning mission?
          • That is important at orgs of all sizes.
        • Interview CIOs- what are they hearing when they talk to the Oktas of the world?
        • How can we then positively differentiate ourselves, and communicate that differentiation in a digestible way?
        • A lot of what CIOs are worrying about is securing access to sensitive data. We have solutions for that.
        • CACTI needs to define the “there” that we want to go.
        • This is uncomfortable because our threat diagnostics don’t work well that far out. The way we’ve done this before served us well for 15 years. Not sure that will get us to where we need to be.
        • CACTI as a new body might be able to play *a* role.
        • That we are struggling to define where “there” is is OK, for now, but starting to become a bit of a problem.  
        • Need to try to “boil part of the ocean,”
        • Don’t need to boil the entire ocean.
        • What old allies do we need to work with, or new allies do we need to find?

        • Trust and Identity is a means to an end. It enables things.
        • The value that we deliver is related to the things that we enable.
        • In Europe, it’s very clear what we’re enabling there- clear conversations around research, European open science cloud, student mobility enablement.
          • Easy to analyze the threats based on that.
      • What are the key things we need to enable in this part of the world?
        • Aside from research collaborations - FIM4R theme
        • How do we fit into an increasingly cloud-oriented market?
        • Tension between academic/research support and commercial/enterprise part of organizations
        • Don’t always have a strong fabric of collaboration in the US that may exist in other parts of the world
        • If we were to ask all of the orgs that are using Shibboleth, InCommon members, etc. “How do you use these things in anything that is not directly related to the circle of services the university provides?” We would probably find “not much.” Manifests itself in guest systems that we all still have to run.
        • Not a tension between research and TI, it’s that our institutions are still thinking in silos and don’t see this as a service to support collaboration.

        • Contrast between Europe and US -   has to do with the way things are funded in Europe.   
        • In the US, universities fund their own infrastructure just like businesses do.
        • Collaboration with international partners in the case of, for example, NIH NIAID is crucial, it’s everything they do.
        • Federation is a really big hammer for a really big nail. \
        • Use federation for everything, internally.
        • How was able to give a partner access to DNS services, for example.
        • Want to do more than just Sharepoint, AWS, data capture system.
        • It means building it into the requirements for new acquisitions of software and services, infrastructure, etc.
        • Have to evangelize. Because we have input and sometimes control over those requirements processes, that gets vendors’ attention.
        • Even though don’t need multilateral federation any more, still ask for it, because it benefits all the other people who depend on this.
        • A lot of our focus has been tactical over the years
      • Be strategic about our engagement:
        • Who do we need to talk to, how, and why?
        • Vendor consortium to vendor consortium,
        • industry to industry,
        • using tools like HECVAT, that help community industry/sector requirements.
        • Pivot out of individual/tactical and into strategic/global.
        • Don’t just go to IAM conferences. Attend things like the NSF CI Security conference.
          • Show them how our stuff can help solve their problems. Learn about their use cases.
        • Example of connections:
          • We have Clemson and Lafayette that work on the Eastern Research Platform.
          • Need to help them with federation.
          • Those are really good connections that some of us have in our daily jobs.
        • Small college perspective
          • Research is great, have a little bit.
          • Collab is great, have a little bit of that.
          • Have all of the problems that show up on the solutions portfolio of a company like Cirrus Identity.
          • Right now this stuff is complex, and doesn’t translate to a campus this size. 
          • Trusted access platform packaged components help reduce complexity.
          • This is also the first year that SAML hasn’t been a struggle to argue with vendors about support.
      • Can we continue to push, define requirements for the future of the trusted access platform, so we can address the ease-of-use gap without reducing available and necessary features that our portfolio supports?  
      • Where do we need to push, what are the edges that define the ease of use stories?
      • What mix of people/perspectives are we missing?
        • Support the CIO,  while
        • Supporting global collab, which is our primary differentiator


Next CACTI Meeting: Tuesday, January 7th, 2020 at 11am ET

  • No labels