CACTI notes of Wednesday, September 13, 2023

Attending: Kevin Hickey, Margaret Cullen, Rob Carter, Gareth Wood, Richard Frovarp, Chris Phillips, John Bradley, Jeremy Perkins

With: Nicole Roy, Rob Gorrell (eAC rep to CACTI), Steve Zoppi, Ann West, Jeremy Perkins

Regrets: David Walker, Marina Krenz, Derek Owens, Kevin Mackie, Erik Scott


Pre-Read Materials: 

  1. NIST SP800-63 rev 4 feedback
  2. eduVPN background

Action Item Review:

 Agenda

  1. Administrivia
    1. Volunteer(s) to scribe
    2. Agenda bash
    3. Please nominate relevant/talented individuals (including yourself, if you are up for renom)  (Due by October 1)
    4. If your term is ending and you don't intend to renominate yourself, please let Nicole know, ASAP (see CACTI tab on this page for term end dates)
  2. Announcements
    1. Working Group Updates (email only) - Please share via email on the CACTI list ahead of time
  3. Main Business

    1. Prep for TechEx CACTI open meeting
      1. Next-gen credentials report out
        1. Brief introduction/background of CACTI  AI. Margaret
        2. Pointer to planned ACAMP session
        3. Nominations including self-nominations are open 
        4. Slide deck taking shape
    2. ACAMP “Brain drain” topic
      1. How can we make it easier?
      2. What is the value we provide?
        1. Trust establishment
      3. Secondmuse conversations are complimentary to this conversation
      4. Are next-generation credentials a potential piece of the solution?
        1. Passkeys
        2. Wallets
    3. eduVPN in New Zealand (Gareth Wood)
      1. Presentation available in meeting recording and here
      2. What is the advantage of using eduVPN vs other solutions?
        1. Cost
        2. Profile deployment
      3. eduroam and eduVPN 
    4. Google and MFA (Margaret)
      1. Reports that by a certain date logins will require MFA 
        1. No confirmation at this time
        2. Gmail accounts not workplace accounts slowly migrating to MFA
          1. Google MFA uses long lived session cookies
      2. What is the impact, if any, to eduroam?
    5. Next steps for linking SSO systems/proxies WGs (sync up with TAC?)
      1. AI.  Margaret will send communication “How do we proceed with the rest of the work?”
    6. Next steps with NIST
      1. 800-63 feedback update from TomB (did we hear back from him)
      2. NIST Internal or Interagency Report (NISTIR) 8481 (Draft), Cybersecurity for Research: Findings and Possible Paths Forward
        1. Feedback/comments AI Nicole Reach out to Tom to possible coordinate review/collection
        2. AI. All Read document Kevin Create poll After reading 8431 is this something we want to move forward.with.
      3. US-EU VC/wallet shared terminology document
        1. ITU 
          1. Margaret to sync up with Johan Wassberg at TechEx on wallet cross connects with US-EU. Niels Van Dijk, as well
      4. NIST people attending TechEx? No

Next Meeting: Wednesday, October 11, 2023

  • No labels