Attending
Mary Catherine Martinez, InnoSoft (chair)
Brett Bieber, University of Nebraska
David Bantz, University of Alaska
Tom Barton, University Chicago and Internet2
Jon Miner, University of Wisc - Madison
Chris Whalen, Research Data and Communication Technologies
John Hover, Brookhaven National Lab
John Pfeifer, University of Maryland
Rachana Ananthakrishnan, Globus, University of Chicago
Albert Wu, Internet2
Emily Eisbruch, Internet2
Regrets
Adam Lewenberg, Stanford
Chris Hable, University of Michigan
Ann West, Internet2
Action Items from this call
[AI] David Bantz share with TomB, Albert and ChrisW some concerns around Error URL in proposed deployment profile - https://kantarainitiative.github.io/SAMLprofiles/saml2int.html#_metadata_and_trust_management
[AI] Albert reach out to get general feedback on proposed CTAB roadmap from InCommon staff. Albert will ask for input while stating this roadmap is still in flux.
DISCUSSION
Membership update from Steering
Steering approved the CTAB slate, welcome and congratulations
Officially reach out to new members - welcome and officially update calendar invite and committee material access
No face-to-face CTAB meeting at Global Summit
An informal get together may be of interest
Baseline Expectations Docket
Assignments, updates, and next steps
Albert provided assignments to CTAB members for outreach to orgs that have not responded to previous Baseline Expectations outreach
Averaged about 2 orgs per CTAB member for this outreach
Just shy of 20 organizations
Most of the entities left to meet BE are sponsored partners
- Will be helpful to inform the sponsoring organization
- Albert will do some outreach on the Net+ side.
Some responses have been received
Good progress
One org will be withdrawing from InCommon
Perhaps a different label from “resolved” is best for an org leaving InCommon
There are samples in the doc of emails that were used to do the outreach to those not yet meeting Baseline Expectations
Best to use the wiki as place to track activities
Idea of tracking, thru discovery service, which institutions are interacting with the sponsored partner. But most not using WAVE anymore.
Next Steps:
Albert will make next round of assignments to CTAB members.
Albert will check thru Internet2 on Sponsored Partners and on the billing side
Baseline Expectations survey going out soon
Please send feedback on the proposed survey to Dean by 2/7
It's necessary to take the survey to assess it
Q: was the roadmap discussion around priorities included in some of the survey questions?
A: The survey does not specifically ask about next priorities, but it mentions there will be recurring work and asks about the cycle times.
CTAB 2019 Roadmap
It was noted that there are concerns about enforcing MFA as part of baseline.
Some orgs have already implemented MFA , but perhaps not the REFEDS MFA profile, don’t want to make things hard for orgs in that position
Could provide a long lead time to comply, perhaps until Dec 2021
Suggestion to provide more time to early adopters (orgs already doing this by earlier means)
Create two cohorts regarding MFA and treat them separately
Suggestion to use consensus phase to conduct a survey to find out if you have implemented MFA and if CTAB moved forward with profile including MFA, how much work would that be
Concern that non Shib IDPs cannot comply easily with REFEDs MFA profile
Also Shibboleth IDP before v3.3 cannot assert REFEDS MFA profile
U Wisc uses reverse proxy that can sort for MFA issue
Authentication context class can be used to handle the MFA profile, but we should get an expert to provide more details
Concerns around SIRTFI and Baseline Expectations. TomB noted in the past sometimes a security person would look at the specs in the SIRTFI doc and think of the most extreme and perfect implementation even though the spec has some flexibility.
[AI] David Bantz share with TomB, Albert and ChrisW some concerns around Error URL in proposed deployment profile - https://kantarainitiative.github.io/SAMLprofiles/saml2int.html#_metadata_and_trust_management
Rachana: from SP perspective, having a page with contact information is an important helpful step
[AI] Albert reach out to get general feedback on proposed CTAB roadmap from InCommon staff. Albert will ask for input while stating this roadmap is still in flux.
TomB will also share some of the CTAB roadmap work at TIIME in Vienna.
Process for the CTAB Roadmap and work plan.
CTAB will want to share the proposed CTAB roadmap / work plan with InCommon staff.
Will also want to share with CACTI and InCommon TAC
Check in with T&I teams to gauge implementation difficulty and potential scheduling conflicts
Next CTAB Call : Wed. Feb 20, 2019
Feb 13 CTAB call is cancelled