Internet2 is investigating a security incident involving a compromise to a confluence server that affected https://spaces.at.internet2.edu on April 10, 2019, which was successfully mitigated on April 12, 2019. If you did not receive an email from us, it’s unlikely that any of the content you submitted to the Internet2 Spaces Wiki needs to be re-entered. We apologize for any inconvenience this may have caused. Should you have any questions or require further assistance, please email collaboration-support@internet2.edu.
Skip to end of metadata
Go to start of metadata

Attending

  • Mary Catherine Martinez, InnoSoft (chair)  

  • Brett Bieber, University of Nebraska  

  • David Bantz, University of Alaska  

  • Tom Barton, University Chicago and Internet2  

  • Jon Miner, University of Wisc - Madison

  • Chris Whalen, Research Data and Communication Technologies

  • John Hover, Brookhaven National Lab

  • John Pfeifer, University of Maryland  

  • Rachana Ananthakrishnan, Globus, University of Chicago

  • Albert Wu, Internet2  

  • Emily Eisbruch, Internet2   


Regrets

  • Adam Lewenberg, Stanford

  • Chris Hable, University of Michigan

  • Ann West, Internet2

Action Items from this call

DISCUSSION

Membership update from Steering

  1. Steering approved the CTAB slate, welcome and congratulations

  2. Officially reach out to new members - welcome and officially update calendar invite and committee material access

No face-to-face CTAB meeting at Global Summit

  • An informal get together may be of interest

Baseline Expectations Docket  

  •  Assignments, updates, and next steps

    • Albert provided assignments to CTAB members for outreach to orgs that have not responded to previous Baseline Expectations outreach

    • Averaged about 2 orgs per CTAB member for this outreach

    • Just shy of 20 organizations

    • Most of the entities left to meet BE are sponsored partners 

    • Will be helpful to inform the sponsoring organization
    • Albert will do some outreach on the Net+ side.

    • Some responses have been received

    • Good progress

    • One org will be withdrawing from InCommon

      • Perhaps a different label from “resolved” is best for an org leaving InCommon

    • There are samples in the doc of emails that were used to do the outreach to those not  yet meeting Baseline Expectations

    • Best to use the wiki as place to track activities


    • Idea of tracking, thru discovery service, which institutions are interacting with the sponsored partner. But most not using WAVE anymore.

    • Next Steps:

      • Albert will make next round of assignments to CTAB members.

      • Albert will check thru Internet2 on Sponsored Partners and on the billing side

  • Baseline Expectations survey going out soon

    • Please send feedback on the proposed survey to Dean by 2/7

    • It's necessary to take the survey to assess it

    • Q: was the roadmap discussion around priorities included in some of the survey questions?  

    • A: The survey does not specifically ask about next priorities, but it mentions there will be recurring work and asks about the cycle times.

CTAB 2019 Roadmap

    • It was noted that there are concerns about enforcing MFA as part of baseline.

    • Some orgs have already implemented MFA , but perhaps not the REFEDS MFA profile, don’t want to make things hard for orgs in that position

    • Could provide a long lead time to comply, perhaps until Dec 2021

    • Suggestion to provide more time to early adopters  (orgs already doing this by earlier means)

      • Create two cohorts regarding MFA and treat them separately

    • Suggestion to use consensus phase to conduct a survey to find out if you have implemented MFA and if CTAB moved forward with profile including MFA, how much work would that be

    • Concern that non Shib IDPs cannot comply easily with REFEDs MFA profile

      • Also Shibboleth IDP before v3.3 cannot assert REFEDS MFA profile

    • U Wisc uses reverse proxy that can sort for MFA issue

    • Authentication context class can be used to handle the MFA profile, but we should get an expert to provide more details


    • Concerns around SIRTFI and Baseline Expectations. TomB noted in the past sometimes a security person would look at the specs in the SIRTFI doc and think of the most extreme and perfect implementation even though the spec has some flexibility.

    • [AI] David Bantz share with TomB, Albert and ChrisW some concerns around Error URL in  proposed deployment profile - https://kantarainitiative.github.io/SAMLprofiles/saml2int.html#_metadata_and_trust_management  

    •   Rachana: from SP perspective, having a page with contact information is an important helpful step

    • [AI]  Albert reach out to get general feedback on proposed CTAB roadmap from InCommon staff. Albert will ask for input  while stating this roadmap is still in flux.

    • TomB will also share some of the CTAB roadmap work at TIIME in Vienna.

    • Process for the CTAB Roadmap and work plan.  

      • CTAB will want to share the proposed CTAB roadmap  / work plan with InCommon staff.

      • Will also want to share with CACTI and InCommon TAC

  • Check in with T&I teams to gauge implementation difficulty and potential scheduling conflicts


Next CTAB Call : Wed. Feb 20, 2019

  • Feb 13 CTAB call is cancelled

 

  • No labels