AD-Assurance Notes from March 15
Mark Rank, UCSF
David Walker, InCommon/Internet2
Michael Brogan, UWash
Jeff Capehart, UFL
Ron Thielen, UChicago
Brian Arkills, UWash
Dean Wells, Microsoft
Chris Irwin, Microsoft
Jeff Whitworth, UNC-Greensboro
Warren Curry, UFL
Ann West, InCommon/Internet2
Joseph Streeter, UW Madison
Next Call
March 22 at Noon ET
+1-734-615-7474 PREFERRED
+1-866-411-0013
0195240#
Action Items
Old
Ann will work with Debbie Bucci (NIH) to set up calls with Federal Agencies that have certified IdPs.
New
Michael will update scope statement and summary table in the wiki.
All to prepare for gap analysis discussion. Refer to the Cookbook (linked to our project wiki page) and summary matrix.
Notes
Microsoft
Chris Irwin and Dean Wells joined the call, have offered their help, and asked that we provide MS with
- IAP implementation questions scope to our targeted product(s) and versions
- Discussion of what we're trying to solve
Using this, he can develop a Microsoft response and determine next steps.
Scope
Product scoping. For now, the work will be limited to AD-DS. Another alternative means for AD-FS may be developed in the future to help those schools using that product in the assurance flow. Use case: Office365 access. Suggestion is to keep the scope smaller, focusing on the product with the largest install-base and assurance implication, so we can make more timely recommendations that benefit the largest number of schools.
Version: The current Cookbook refers to 2008 R2; At minimum, our work should address this version. 2012 is not widely deployed yet, but if we have a path forward with 2008 R2, we ask Microsoft about the DIFF with 2012.
IAP: Remove the AD-FS related items (4.2.4.5, 4.2.5.3, 4.2.5.5) and add in 4.2.8.2.1 due to requirement for protected channels (and approved algorithms).
[AI] Michael to update Scope and Summary Matrix for discussion on the next call.
Next Call Friday March 22 at Noon ET