CTAB call Tuesday, May 19, 2020
- David Bantz, University of Alaska (chair)
- Mary Catherine Martinez, InnoSoft (vice chair)
- Brett Bieber, University of Nebraska
- Rachana Ananthakrishnan, Globus, University of Chicago
- Tom Barton, University Chicago and Internet2, ex-officio
Ercan Elibol, Florida Polytechnic University
Richard Frovarp, North Dakota State
- Eric Goodman, UCOP - TAC Representative to CTAB
- Jon Miner, University of Wisc - Madison
- John Pfeifer, University of Maryland
- Chris Whalen, Research Data and Communication Technologies
- Jule Ziegler, Leibniz Supercomputing Centre
- Ann West, Internet2
- Albert Wu, Internet2
- Emily Eisbruch, Internet2
- Pål Axelsson, SUNET
- Chris Hable, University of Michigan
- Marc Wallman, North Dakota State University , InCommon Steering Rep, ex-officio
- Robert Zybeck, Portland Community College
Action Items from this call:
- AI DavidB - Add to agenda for the next CTAB call discussion of REFEDS R&S, to be co-lead by Chris W
- AI Albert - provide to CTAB a list of InCommon participants for targeted outreach to gather more input on the BE V2 proposals
Updates from Working Groups
- REFEDS Baseline - Pal/Tom
- Tom: There is discussion of adding to the REFEDs Baseline Expectations, an expectations of federation operators, to have federation operators see themselves as part of a global whole to reduce all the differences between the 70 odd federations.
- InCommon federation is committed to this, but perhaps it should be written
- Someone on the REFEDs BE working group from the library community noted InCommon Federation Baseline Expectations work well for people considering joining the federation, plain language, non technical. Noted that the REFEDs BE should also keep in mind the audiences and not use overly technical language.
- Albert: focus on international collaboration is generally high in the mind of InCommon, but perhaps not for all federations around the world.
- Different federations have different financial models, and this can change the motivations somewhat
- No concerns expressed on InCommon suggestions for BE v2 . For future consideration…. R&S, can we expect every IDP to release the R&S attributes?
- How specific should we be in defining the TLS expectation? Tough balance. Good to keep technical statements off the main document. Use a supplemental document for technical info. But then how essential and required is the supplemental document?
- Chris W: concern that there is not broad enough representation on the REFEDS BE WG.
- REFEDs will need to focus on the processes to bring the entire global federation community onboard. TomB plans to focus on that
- Albert: Not certain how enforcement of REFEDs BE will work. What role will edugain play?
- There was discussion of whether this REFEDs BE working group should be under REFEDs or under EDUGAIN steering. Some recommendations may be EDUGAIN related.
- Seamless Access Entity Attributes WG
- May 13, 2020 IAM Online on Seamless Access - Slides
- SeamlessAccess is sponsoring an Entity Categories and Attribute Bundles
Working Group to help IdPs select the appropriate attribute set for a given SP.
- Attribute sets:
- Authorization Only (no attributes),
- Anonymous, and
- Albert: The working group has reviewed all 3 of the entity category specs. Heather making edits. Then all three go to REFEDS consultation. The hope is that these three specs will be published as part of REFEDs entity attribute category.
- David Bantz - concern around ACS (American Chemical Society), affiliation issues, suggestion to add a pointer to the license
- REFEDS Assurance WG - Jule
- The group is discussion questions around dealing with situations when and IDP provides less or more info than is needed for authorization
- Needs to be discussed by CTAB and also by REFEDs Assurance WG
- Albert: also being discussed by seamless access group, but there is more to be done
- Is an IDP in breach of R&S if they release more than needed?
- REFEDS R&S discussion ( Entity Category Working Group ) - Albert
- Not sure if there has been a recent call of this group since last CTAB call
- Issues being looked at include: Is it time to update the REFEDs R&S profile?
- If we change the spec right now, it can damage adoption
- But the R&S specs today references a few things that are going out of date. Such as use of identifiers,
- Also language clarification updates to the spec would be useful.
- How do we evolve federations and keep them current in a minimally intrusive way? Need to keep building adoption momentum
- InCommon TAC developed the R&S profile and brought it to REFEDs. CTAB should play attention to this and likely chime in on how to evolve R&S profile
- Make just minor updates to bring into compliance with changes to identifiers?
- AI DavidB will make REFEDS R&S discussion an agenda item for discussion on next CTAB call - Chris W will co-lead the discussion
- 33 people attended, about 20 non-CTAB members attended, considered pretty good participation.
- Additional Outreach planned
- Those InCommon participants who were on the office hours call may be more motivated than the average InCommon participant.
- A suggestion from the Office Hours call was to scan existing metadata to identify some organizations who would have work to do to meet the proposed BE V2 (they have missing errorURL, unencrypted/poorly encrypted endpoints, etc) and conduct targeted outreach - to understand if there are concerns/barrier to adoption - during consensus process
- Albert - InCommon operations will likely be resuming “health check” used for BE v1
- Perhaps use the list Shannon Roddy provided a few months back to help identify organizations to reach out to.
- Historically SPs do not participate as much in our discussions
- Reaching out and making the connection with the SPs is the challenge
- As part of BE consensus process, we need feedback from the SP community
- AI Albert provide to CTAB a list of InCommon participants for targeted outreach to gather more input on the BE V2 proposals
- For future discussion:
- How will CTAB engage with the list of InCommon participants Albert / InCommon ops provide
- What does InCommon do when there is not compliance with encryption, for example? Need to uncover more data through outreach
- ERROR URL question from BE V2 Office Hours call
- Error URL - suggestion to include REFEDS Best Practice Around Error Handling Working Group output as implementation guideline, but not make it a strict requirement of BE v2.
This will encourage adoption of the ERROR URL guidelines. Good for moving this forward.
- DECISION: include REFEDS Error URL WG output as a best practice guideline
DID NOT DISCUSS ON THIS CALL
- BE V2 Clarification texts - any necessary edits/updates?
- Other BE editing
- Is the wording in the main BE doc flexible enough to stand the test of changing technology over time, i.e., we don’t want to have to revise BE everytime technology revs version…
- Perhaps some of the version specific language could go into the clarification docs
Next CTAB Call : Tuesday June 2, 2020