InCommon Steering Committee Minutes - February 6, 2017
Attending: Sean Reynolds, Ann West, Melissa Woo, Ted Hanss, Marty Ringle, Klara Jelinkova, Michael Gettes, Dave Vernon, Dennis Cromwell
With: Kevin Morooney, Steve Zoppi, Mark Scheible, Von Welch
(AI) Ann will send the Per-Entity Metadata Working Group report to Chris Holmes, former Steering member and attorney at Baylor, asking for a review from the perspective of a campus attorney.
(AI) Dean will schedule a meeting for those interested in discussing potential next steps on the default R&S attribute bundle concerns.
The minutes from January 9, 2017, were approved via the wiki
Global Summit Information
- Sunday, April 23, 3-5:30 - InCommon Steering/TCIC/PAG meeting (will try to provide remote access if requested )
- Monday, April 24 - all day - Global Summit Executive Track
- Tuesday, April 25, 7:15-8:30 am - TIER Investor CIO Community Breakfast
- Full Trust and Identity Schedule
Creation of PAG
Kevin has been having discussions concerning the composition of the Trust and Identity PAG and intends to have things completed for the Global Summit. In consultation with others, he is looking at the mix of PAG representation among Steering, TCIC, the research community, the regional networks, and likely the chair of CACTI. InCommon Steering will also need to continue as long as there is an InCommon LLC.
2017 Officer Election Results
Sean Reynolds, Chair
Ted Hanss, Vice-Chair
Dennis Cromwell, Secretary
Sean recapped the main issues raised in the Per-Entity Metadata Working Group Report. The current aggregate model doesn’t scale and we need a different way to distribute the identity provider and service provider information (metadata). This is somewhat acute on the SP side of it. The per-entity solution allows the release of only the information needed or requested.
There are issues of availability, responsiveness, and security, all of which are documented in the report. This is a community report and recommendation and it has some implementation suggestions. If Steering accepts the report and recommendations, the next step will be for InCommon Operations to come back with an implementation plan including needed resources and staffing, as well as any potential impact (such as fees) on InCommon participants.
Resolution on Per-Entity Metadata Working Group Report
Marty moved and Michael seconded that Steering accept the report as a formal recommendation. The resolution was approved unanimously.
(AI) Ann will send the working group report to Chris Holmes, former Steering member and attorney at Baylor, asking for a review from the perspective of a campus attorney.
Von summarized the paper he distributed, R&S Category: Cure or Placebo. The gist is that we have been counting on the R&S category to provide scalable attribute release to service providers in the federation. However, the number of InCommon identity providers releasing the R&S attribute bundle is static at about 15 percent. Von suggests that the R&S attribute bundle become the default standard for all InCommon identity providers.
There was discussion about the potential barriers to R&S release at campuses. There don’t seem to be legitimate FERPA concerns; however, some campuses do not have the technology to track the FERPA flag as part of R&S, so they do not release for any students. Perhaps a statement from an attorney, or group of attorneys, combined with support from someone at NACUBO, would help. InCommon has tried a number of things in the past, including having CIOs talk to other CIOs, but the bar hasn’t moved.
It may be that the discussion doesn’t rise to the level of the CIO needing to worry about this, given other priorities. It could also be that the VP of Research, who would be a natural ally on attribute release, doesn’t know about the problem.
Sean mentioned that moving to R&S as the InCommon default will require a communications and outreach strategy to ensure that CIOs and others are comfortable with the move. One thing to clarify is whether we are talking about the default bundle being released to all global R&S service providers, or only US service providers in InCommon.
Ann and members of the Internet2 community engagement staff conducted several interviews with campuses (including CIOs plus other stakeholders on each call) to discuss attribute release. She will provide a summary of this effort. She also suggested that Steering consider the the roles of the federation operator and the participants. Is it the role of the federation operator, for instance, to broker conversations between SPs and IdPs that are not releasing the attribute bundle?
Sean suggested holding a conversation about next steps prior to the March Steering call, with the goal of bringing ideas and suggestions to the March call. (AI) Dean will make the arrangements for this conversation.
Next Meeting - March 6, 2017 - 4 pm ET