Page tree
Skip to end of metadata
Go to start of metadata

CACTI Call June 23, 2020

Attending

  Members

  • Tom Jordan, University of Wisc - Madison (chair)  
  • Jill Gemmill, Clemson  (vice chair)  
  • Marina Adomeit, SUNET  
  • Rob Carter, Duke   
  • Margaret Cullen, Painless Security 
  • Matthew Economou, InCommon TAC Representative to CACTI  
  • Michael Grady, Unicon 
  • Karen Herrington, Virginia Tech   
  • Christos Kanellopoulos, GEANT  
  • Les LaCroix, Carleton College 
  • Chris Phillips, CANARIE  
  • Bill Thompson, Lafayette College  

  Internet2 

  • Kevin Morooney   
  • Steve Zoppi   
  • Nick Roy  
  • Jessica Fink  
  • Emily Eisbruch   
  • Mike Zawacki  

  Regrets

  • Nathan Dors, U Washington  
  • Ann West, Internet2

New Action items:

  • AI (Jill and Tom) will schedule call with Keith Hazelton to discuss a feedback loop in both directions around packaging
  • AI (CACTI members) review updated HE registry-aaS prospectus  for next CACTI call
  • AI (Jessica) set up a call with KarenH, ChrisP, and the community member interested in leadership of the proposed Recruiting and Hiring WG


Intellectual Property reminder  https://www.internet2.edu/policies/intellectual-property-framework/

DISCUSSION

Packaging - CACTI / Component architects discussion on community requirements for packaging (Tom)

  • Does CACTI have role in helping to figure out community packaging requirements for the Trusted Access Platform?  
  • To assess and gather / manage community requirements with regard to packaging
  • CACTI can help steer the discussions on packaging so the community has a voice 
  • Packaging is under the Trust Access Platform software integration working group led by Keith Hazelton.
  • Factors and stakeholders to consider:
    • Adopters would like packaging to be consistent and coherent
    • Projects (Grouper, Shib, COmanage, etc) may have preferences around packaging 
    • Developers are working with fixed set of resources
  • CACTI can reach into the community and help make sure the reasonable balance is being struck
  • There will never be a perfect solution
  • Configuration for packaging is an important topic:
    • Internet2 is tasked with providing packages that can be extended.
    • Do not want to do things upstream to prevent extension of packages downstream.
    • Making the containers infinitely configurable is not the right approach, makes training and scope too complex, need to strike a balance  
  • TomJ: Trust Access Platform software integration working group  is the right place to manage the decisions around packaging. 
  • But making the decisions and approach around packaging visible to the community is a function CACTI can help with. 
  • CACTI could put together principles around packaging and share that with the community, help amplify the message
  • Sustainability and software supply chain is important
  • Shibboleth and packaging  
    • Shib Consortium is not currently able to embrace the direction of enforcing containers
    • Due to budget/resource constraints
    • Migration to Shib v4 is coming up 
    • Small percent of orgs are at Shib v4. However Shib v4 is required for the IDP for SIRTFI so this will become an issue in 2021
    • Being asked at CANARIE how to get all the IDPs current to Shib V4. Hoping that use of containers will help
    • Shib is the best identity provider system, but  can be challenging to deploy  and update
    • For containerized products, upgrades are much simpler
    • A promising model is the direction taken by Grouper, introducing attractive new features, including easier upgrade path, with embrace of container strategy
    • Need to look at how the Shib SP protects applications 
  • All CACTI members are welcome at the biweekly component architect meetings (Mondays at 1pm ET), this group includes representatives from every software project
  • Summary: Document principles around packaging  and make them more clear to the community. Make a   path for the community to provide input 
  • AI (Jill and Tom) will schedule call with Keith Hazelton to discuss a feedback loop in both directions around packaging 


Recruiting and Hiring WG update  (Jessica) 

    •  June 10, 2020 IAM Online on Hiring for IAM went well
    • Good turnout at webinar , 88 participants
    • Regarding next steps for the proposed Recruiting & Developing IAM Resources working group,
    • we have a community member willing to co-chair, and another community member expressed interest in participating
    • ChrisP and KarenH are interested in being CACTI sponsors 
    • AI Jessica will set up a call with KarenH, ChrisP, and the community member interested in leadership of the Recruting and Hiring WG
    • Then announce the working group and do more announcements / outreach
    • Hiring freezes are causing increased outsourcing at some organizations
    • Hiring and onboarding new people who work remotely is another challenge


Review of updated HE registry-aaS prospectus and next steps (Tom)

  • TomJ has updated the document with delineation of possible goals / objectives 
  • One goal of the prospectus is to explore the problem space
  • Based on this we can analyze what is possible, what makes sense
  • AI CACTI members please review updated HE registry-aaS prospectus for next CACTI call
  •  Question on how this proposal relieves the organization of the identity proofing tasks 
  • Need to work around absence of a US citizens digital registry 
  • Use this to explore different solutions
  • There is a desire to solve the issue of portability and extensibility and persistence of the identity 
  • What about improving the trust levels of the student identities?
  • Challenging for institutions to have step-up identity proofing, when needed
  • There are potential liability issues when  identities proofed at one institution is shared with other institutions
  • Hoping Pal A will join a future CACTI call, to share lessons learned from EDU ID https://eduid.se/en/
  • Benefits come from identification of an individual across institutions
  • Identity proofing for password resetting is a challenge at many institutions
    • A universal service to handle password resetting would be helpful

Parking Lot

  1. (From June 9, 2020 call) TomJ  - Add as an agenda item for a future CACTI call: Operationalizing containers

Next Meeting: Tuesday, July 7th, 2020

 

  • No labels