Internet2 is investigating a security incident involving a compromise to a confluence server that affected https://spaces.at.internet2.edu on April 10, 2019, which was successfully mitigated on April 12, 2019. If you did not receive an email from us, it’s unlikely that any of the content you submitted to the Internet2 Spaces Wiki needs to be re-entered. We apologize for any inconvenience this may have caused. Should you have any questions or require further assistance, please email collaboration-support@internet2.edu.
Skip to end of metadata
Go to start of metadata

 CTAB Call Wed. Jan 30, 2019

Attending

  •  Mary Catherine Martinez, InnoSoft (chair)

  • David Bantz, University of Alaska 

  • Tom Barton, University Chicago and Internet2  

  • Jon Miner, University of Wisc - Madison 

  • Chris Whalen, Research Data and Communication Technologies  

  • Albert Wu, Internet2  

  • Ann West, Internet2   

  • Emily Eisbruch, Internet2    

  • John Pfeifer, University of Maryland  - guest

  • Adam Lewenberg, Stanford - guest


Regrets

  • Brett Bieber, University of Nebraska

  • Chris Hable, University of Michigan

  • Rachana Ananthakrishnan, Globus, University of Chicago    

  • John Hover, Brookhaven National Lab    

Action Items

  • [AI] (Albert) will  do a doodle poll to see how many CTAB members will be attending 2019 Global Summit (DONE)

  • [AI] Albert will randomly assign CTAB members to work on the gaps, orgs where we don’t have a contact (DONE)

Agenda 

2019 CTAB Members / Vice-Chair update  

  • David B - Vice Chair nominee

  • Mary Catherine - Chair nominee

  • Roster submitted to Steering for approval

    • Should hear back from Steering next week

  • Wiki content access update: worked out mechanical issues

    • The wiki access is coming along for new CTAB members

  • CTAB Meeting during Global Summit?

    • March 5-8, 2019  in Washington DC

    • [AI] (Albert) will  do a doodle poll to see how many CTAB members will be attending 2019 Global Summit (DONE)

    • People on this call Attending Global Summit: Ann, TomB, Albert, John P

 Do we continue with the off week CTAB call? 

  • Focus on BE docket handling

  • The off week CTAB calls have been happening in Dec 2018 and Jan 2019

  • Could depend on the docket of orgs not meeting BE, there are about 40 orgs now

  • CTAB needs to do roadmap planning and also handle the “docket”

  • Decision: CTAB should keep meeting weekly during February at least

 2019 CTAB Roadmap Planning 

  • Recently there was a CTAB Roadmap planning call

  •  The group reviewed priority / risk / timeline matrix from sub group

  • Early emphasis on next stage of Baseline Expectations and establishing cadence for community consensus and implementation

  • Group on CTAB planning call tried to assess  further baseline related work that should be done, TomB started slotting work into a timeline

    • Proposed Work projects include:
      • Finish BE for metadata (dispute process for phase 1, below
      • Consensus proposal: Add error URL to BE
      • Consensus proposal: Academic IdPs support REFEDS MFA


  • Need to share the arc of CTAB and community work with other bodies who have a stake in the work.
  • Comment: this attempt to establish a cadence for the work is very helpful
  • Shib v2 versus Shib v3 issues are of great interest to the community
  • We need to be clear on how the Shib issues will be enforced
  • CTAB can’t enforce all issues on software version issues
  • Shib may be a special case where we DO get involved
  • Question: Does InCommon CTAB effort include verification ?
  • Answer: there are many issues InCommon won’t be able to verify, for example a recommendation to run up to date software
  • CTAB should look for ways to make expectations demonstrate-able
  • The baseline expectation for “generally accepted security practices” is not concrete, but CTAB will make refinements around requiring SIRTFI , etc.
  • What are the positive feedback loops we can establish?
  • Should  we require participants to report back software version of federating software
  • Question of how proactive CTAB should get in discovering failures to meet BE…
  • It’s possible to guestimate what version of Shib is being used by an InCommon participant, but do we want to get into that?
  • That will be part of the consensus process
  • Q: is the proposed arc of work a good start and should we start to socialize it with CACTI and InCommon TAC?
  • CTAB will try to make sure the consensus process is extensive, but only a fraction of InCommon participants will likely participate.  But let’s say 10% participate in initial conversations. Then we need to educate the other 90% and engage them and respect their cycle times.
  • Suggestion to publish the proposed work package at earliest possible moment, even if it covers things 12-18 months down the road.  To help education and inform the community.
  • More frequent smaller steps will be helpful versus bigger steps
  • Could have a schedule laying out  the timeline for new requirements….
  • So organizations can potentially  get ahead and handle all of the expectations in advance
  • Will need to provide  guidance on issues like add Error URL to Baseline Expactations
  • Need to explain how Error URL will be used
  • Similarly Baseline Expectations for MFA and R&S will include work between  the consensus and the work package
  • Issues around validation and verification will need to be planned and handled and communicated
  • Collaboration ready is key,  InCommon will need cloud services in good shape
  • Revisit the planning on the next CTAB call.

Baseline Expectations Docket  

  • Added lower priority orgs and updated to show RA activities

  • Albert is  moving the data to the wiki

  • There is updated info as of this morning

  • Doing pretty well for priority 2-5

  • In most cases there is someone working to get contact info where it is missing

  • There are some gaps

  • [AI] Albert will randomly assign CTAB members to work on the gaps, orgs where we don’t have a contact

  • For  priorities 7-8  there are more gaps

  • Question of how long RA (John Krienke’s group) work on an org before we move it along

  • Suggestion to turn on required validation of the fields

  • First priority is having the right contacts

  • Should work towards a date by which this work package is concluded

  • FROM JAN 23, 2019 CTAB call: Suggestion to cut off the outreach effort in mid March 2019 timeframe

InCommon’s draft response to the 2018 Working Group reports (as time permits)

  • There is a draft response to reports from Attribute for Collaboration WG (Steering, CTAB, TAC co-sponsor) and Streamlining SP Onboarding WG (TAC sponsor)

  • Seeking CTAB member comment


NEXT CTAB CALL: Wed. Feb. 6, 2019

 

  • No labels