CTAB Call Wed. May 23, 2018
Attending:
Brett Bieber, University of Nebraska (chair)
Mary Catherine Martinez, InnoSoft (vice chair)
David Bantz, University of Alaska
Tom Barton, University Chicago and Internet2
Ted Hanss, University of Michigan
Jon Miner, University of Wisc - Madison
Emily Eisbruch, Internet2
Regrets:
- Chris Whalen, National Institutes of Health
- Chris Hable, University of Michigan
- Joanna Rojas, Duke
- Ann West, Internet2
DISCUSSION
Updates on Action Items from previous calls:
[AI] Ann develop a timeline with milestones for getting us from BE Required to BE Enforced
See below for comments
[AI] Ann draft a handful of processes to escalate who to contact first. Erin can help.
Consider pulling in the community to reach out to “delinquent” folks
Share graphs monthly and highlight those that will be focused on.
[AI] Ann revise the strawman draft to tackle campuses/orgs and drive up “compliance” -
[AI] Brett resolve remaining comments in the Community Consensus Process Doc, nearly done
[AI] David Walker update the Federation wiki re privacy policy and logo info (once the guidance is final). These will be linked from the BE FAQ
Baseline Expectations
Readiness for June 15
Getting from Baseline Expectations Required to Baseline Expectations Enforced
Transition the Community to InCommon Baseline Expectations
Ann developed timeline with milestones
Shows steps over next 9 months
Comment: Would be helpful to clarify what happens in month 8, what is meant by “alter metadata”
How do we decide which “not meeting Baseline Expectations” cases to examine and take action on?
It may be helpful to have a transparent process so it does not seem we are targeting particular orgs over others.
For example, announce we will contact R1 institutions first?
Perhaps include some such strategy in the June 15? communication.
Another opinion is that we should not to announce in advance a strategy around which entities not meeting BE will be targeted.
Need to see how many non complying entities there are.
Brett: InCommon staff will make some phone calls to orgs not meeting BE leading up to month 6.
There will be a plan of which orgs to contact/approach.
Health check report-out and published lists are key.
Leveraging TechEx to help with communications.
The community is considered transitioned when 95% of entities adhere.
If an org has a plan for conforming to BE, this will count towards the 95% adherence goal
Consensus that the “Transition the Community to InCommon Baseline Expectations” plan Ann drafted is a good starting point.
Suggested Resources for InCommon Staff working on outreach around BE
Review health check reports
Review InCommon Fee schedule
Suggestion to help schools that are close to meeting BE (missing only one element) to help them close the gap. How’s that privacy policy going?
A commercial SP with a “big multiplier” would be good to focus on.
Federation Manager “Enforcement” of Baseline Expectations
Around May 29, The Federation Manager will include a warning for entity edit when you click SAVE if you are missing the BE elements
Nick is waiting for CTAB to decide when to flip the switch on enforcing BE in Federation Manager
Outreach
Please review these blogs Brett has drafted for an upcoming BE themed newsletter:
blog for privacy policy guidance https://www.internet2.edu/blogs/detail/15968
blog for logo guidance https://www.internet2.edu/blogs/detail/15968
Some concern about the requirement for certain logo dimensions. See suggestion to the SAML2int consultation https://spaces.at.internet2.edu/x/GASMBw
Suggestion to simplify the blog by removing the info about the SAML2int logo dimensions
Add another Q&A in the blog… clarifying that BE only required that there be a logo present in metadata
[AI] (Brett) update the blog around logo format to make it less rigid
Baseline Expectation Community Consensus Process
assigned Repository ID: TI.107.1 (will be in repository after consultation and approval)
Need to resolve Tom’s comment about whether initial and call for alternatives should be combined into one…. Brett thinks yes. Brett will handle this
Hope for a CTAB demo from BillK around COmanage to be scheduled in the coming weeks to shed light on spinning up groups around dispute resolution and community consensus.
Consultation scheduled for
Open Tuesday June 5
Close on Tuesday July 10
Table top exercise around supporting baseline and dispute resolution
Brett is planning this, TomB will create a possible scenario
Include a few people from InC Operations
Will be scheduled within next month or so. Could take a few hours
Monthly Assurance Calls - Should they be continued?
- Should CTAB try to continue monthly assurance calls?
- These monthly calls are mentioned in the “Stay Informed’ Box on the right on the Assurance wiki:
- https://spaces.at.internet2.edu/x/4SM
REFEDS Consultations
REFEDS Assurance Framework (round 2) Open until June 22 2018 https://wiki.refeds.org/display/CON/Consultation%3A+REFEDS+Assurance+Framework+round+2.
REFEDS Single Factor Authentication (SFA) Profile: Open until June 22 2018
https://wiki.refeds.org/display/CON/Consultation%3A+REFEDS+SFA+Profile.
Next CTAB Call: Wed, June 6, 2018