Notes and Action Items, AAC Call of 6-Dec-2017
Attending
- Brett Bieber, University of Nebraska (chair)
- Tom Barton, U. Chicago and Internet2
- Ted Hanss, University of Michigan
- Joanna Rojas, Duke
- Ann West, Internet2
- Emily Eisbruch, Internet2
Regrets: Chris Whalen
Action Items
- [AI] (TomB) reach out to Ivy Plus and the Big 10 CISOs to recruit for CTAB . [Done]
Discussion
Assurance Webinar of Dec. 6, 2017
- 17 people attended
- Two people have expressed interest in serving on CTAB, including a Service Provider rep
- Slides and recording are linked from here https://spaces.at.internet2.edu/x/wxr9Bg
Opening of Consultation on CTAB Charter
- Consultation is open until Jan. 2, 2018. See link: https://spaces.at.internet2.edu/x/5Br9Bg
Recruitment for CTAB members
- CTAB/AAC Recruitment
- [AI] (Brett) email InCommon participants email list and Assurance email lists with reminder of recruitment for CTAB (DONE)
- Emphasize lasting impact of CTAB on what happens in research and HE
- Word of mouth will help in recruiting CTAB members
- [AI] (TomB) reach out to Ivy Plus and the Big 10 CISOs to recruit for CTAB
- Most current AAC members are likely to continue and serve on CTAB
- TomB will not be the InCommon TAC representative on the AAC after 2017, since he is rolling off TAC, but he might be an InCommon Ops rep on CTAB
- InCommon Steering’s next meeting when they might approve new CTAB members will be in January or after.
FOPP & Participation Agreement modifications
- Ann has made a new round of proposed updates to the FOPP and the InCommon Participation Agreement
- AAC members are requested to please review the suggested changes to the FOPP and the PA again
FICAM Trust Framework Certification Process
- There was a question to InCommon Steering regarding implications for those participants who have not upgraded to Shib v3
- Potentially this Shib issue could fall under Security provisions of BE
- But it is best not to rush Baseline Expectations dispute process to address the Shib v2/v3 issue
- Perhaps eventually CTAB could come up with general guidelines of how far (how many month) out of date in upgrading important security measures a participant is allowed to be
- Note: we already have an incident response practice which may be helpful in this area
Other
- InCommon Operations is drafting a baseline expectations intent paper. Talks about strategic value and change management
- Dean has scheduled 3 webinars on Baseline Expectations in Jan, Feb, and March 2018
Next AAC Call: Dec. 20, 2017