InCommon Steering Committee Minutes - August 29, 2016
Attending: Dennis Cromwell, Ann West, Von Welch, Michael Gettes, Michele Norin, Ted Hanss, Sean Reynolds, Steve Carmody, Klara Jelinkova, Susan Kelley
With: Mark Johnson (MCNC), Kevin Morooney, Steve Zoppi
Minutes of August 1, 2016
Need one more vote on Wisegate for approval.
Ann introduced Mark Johnson, CTO of MCNC, to help present the information about the Steward Program.
Several documents are on the wiki:
- Intent paper
- Trust model under the Steward Program (not changing; just outsourcing some to MCNC)
- Steward Program summary for execs
- FAQ, which will go on the website
- Public timeline, which will go on the website
- Legal and policy documents
- Participation Agreement
- Steward PA Addendum
Community review starts Tuesday, Aug. 30, and continues through September 29.
Highlights from the slides include:
- Conversations for this started in July 2009, as part of the InCommon Futures Report, which identified K-12 as an important potential constituent for InCommon.
- The Steward Program provides a way to scale the federation to K-12. It hinges on working with the regional network providers and leveraging their existing relationships with K-12 and community colleges.
- Identity Federations can help K-14:
- Reduce cost and complexity
- Ease access to services
- Increase security through integration with identity systems
- Enable sharing of software and services
- Enables more teaching and less IT
- Allows dual-enrolled students to use their school credentials to access resources
- How does this help the Regionals?
- Federation fits with international and cross sector trends to create an access management “network” (think -- software infrastructure to go with the network infrastructure).
- Also, with MCNC, would like to move K-12 more into the cloud vs. the “server in the closet”
- Enables delivery of new types of services at the national, state and regional level
- Accelerates implementation of new services
- Enables cost and easier technical sharing of services
- How does this help InCommon?
- Delivers on strategic direction
- Provides scalable method for extending the federation (and other related services) to K-12 and community colleges
- Reduces cost of providing federation to a key audience
- Partner with regional networks that already have closer, existing relationships with K-14 to serve as federation coordination points
- Delivers on strategic direction
InCommon will need 1 FTE to manage the program including on-boarding, training and relationship management. InCommon also needs to have help desk software in production, and have solved the anticipated problem of the trust registry size. Some of the costs that InCommon will incur are part of the "paths forward" discussions. For example, InCommon needs to implement the help desk software anyway - not just for the Steward Program - although it is a requirement for the Steward Program to proceed after the proof of concept.
Pricing is still under consideration. MCNC and InCommon are both considering the resources required, some of which will become more clear during the proof of concept. The goal is to find a model that takes costs out of the total system and that works for all parties. This isn't about a discount rate, but a new model for everyone. Ann and Mark Johnson will report back to Steering with an update on the proof of concept once the pricing model is developed.
There are also other regionals interested in the Steward Program; they are mainly waiting to learn about the pricing. InCommon and MCNC have been keeping the Quilt up to date on the progress of this program.
By a voice vote, Steering endorsed the proof of concept. No dissenters.
Path Forward Outcomes - Kevin Morooney
Kevin reviewed the process used for the Path Forward discussions (involving InCommon and TIER) and listed those who were involved.
The top two InCommon priorities: 1) sustaining Shibboleth software (IdP, SP and support for OpenID Connect); 2) hardening/sustaining federation operations, including disaster recovery and business continuity, software quality assurance processes, and scheduled security reviews.
The Shibboleth Consortium board will meet just before TechEx about making Shib more sustainable, as well.
The key InCommon funding recommendations are to increase dues and service fees, partnering with other federations in terms of funding for Shibboleth, and an Internet2 discussion about reallocating some resources.
The proposal is for an InCommon dues increase for 2017 to help increase the capacity for Shibboleth, to reduce the federation’s operational risk profile, and for service management adoption. This needs to be connected to a broader and longer discussion about sustainability of remaining priorities.
- The target is to add approximately 5 FTEs for the two areas. The model suggests a total cost of $190K/FTE, implies $950K
- Trust and Identity will receive a $250K increase from Certificate Service revenues in ‘17
- Target = $700K
- $800 across-the-board increase to each participant (currently 876 participants)
- Variable increases by level
- Level 1 (134): $950
- Level 2 (78): $875
- Level 3 (232): $825
- Level 4 (432): $725
Issues to sort through
- Level 1 Internet2 members’ InCommon fees are paid out of Internet2 membership fees
- InCommon invoices are distributed November 1
There will be extensive conversation about this at the F2F at TechEx.
Agenda for Joint InCommon Steering and TCIC at TechEx
Monday, Sept. 26, 2016, in Miami. 8 am - Noon
- Dues/fee increases (e.g. sustainability)
- Governance - further discussion on governance and the Trust/Identity PAG
Full Steering F2F with TCIC - September 26 - 8 am-noon - TechEx - Miami, FL
Full Steering - October 10 or 17, 2016 - 4 pm ET