CTAB Call Tuesday, Aug. 9, 2022
Attending
- David Bantz, University of Alaska (chair)
- Jon Miner, University of Wisc - Madison (co-chair)
- Ercan Elibol, Florida Polytechnic University
- Richard Frovarp, North Dakota State
- Eric Goodman, UCOP - InCommon TAC Representative to CTAB
- Andy Morgan, Oregon State University
- Rick Wagner, UCSD
- Jule Ziegler, Leibniz Supercomputing Centre
- Tom Barton, Internet2, ex-officio
- Johnny Lasker, Internet2
- Kevin Morooney, Internet2
- Ann West, Internet2
- Albert Wu, Internet2
- Andrew Scott, Internet2
- Emily Eisbruch, Internet2
Regrets
- Pål Axelsson, SUNET
- Sarah Borland, University of Nebraska
- Mike Grady, Liaison from CACTI to CTAB
- Dave Robinson, Grinnell College in Iowa, InCommon Steering Rep, ex-officio
- Meshna Koren, Elsevier
- Chris Whalen, Research Data and Communication Technologies
- Robert Zybeck, Portland Community College
Discussion
Working Group Updates
- SIRTFI Exercise Working Group
- Call for proposals went out
- https://incommon.org/news/practice-makes-perfect-come-exercise-with-us/
- 4 responses to the call for proposals
- Have been meeting every 2 weeks, soon will start to have weekly meetings
- REFEDs MFA Working Subgroup
- Finalizing draft REFEDS MFA Profile proposal
- No editors were harmed in today’s discussions
- Edits to clean up for presentation to REFEDS Assurance Framework Working Group
- Technical details largely complete; some discussion about versioning and usage advice
- Still seems “close” to done… at least as a discussion draft
- REFEDS Assurance Framework WG 2.0 Draft
- Still tweaking on the “unsupervised remote process” criteria
- Entity Categories Working Group (R&S 2.0)
- REFEDs asked that each entity category should stand alone
- Need to tweek the initial descriptions of new personalized entity category
- Interesting discussion on list about data processor vs data controller distinctions
- InCommon TAC
- Deployment Profile Adoption Value Statement
- Going forward to Steering.
- Still need clarity on IdP/SP action expectations for next 12-18 months
- Note, there are no concrete details about expectations yet, so nothing specific for CTAB to review, just a heads up that these are likely coming.
- CTAB should probably note the above “expectation”’s potential overlap with “baseline expectations” or “beyond baseline expectations” writ large
- Tom: would be helpful if there was a list of expectations TAC is looking at
- Going forward to Steering.
- DID/VC/Wallet explortations
- Did some polling to get a sense of TAC members’ current familiarity with/knowledge of these technologies
- Intent to devote meetings to information sharing on how DID/VC/Wallets work, are being used or are expected to be used going forward.
- “What should Fed Members be aware of and be planning for?”
- “What should InCommon (Fed Ops) be preparing for and what value do they add to this ecosystem?”
- EntityID validation process changes comment wrapup
- SAML “Middlethings” (Proxies) group starting up
- Deployment Profile Adoption Value Statement
- CACTI
- IAM Online in fall to discuss the impacts of outsourcing IAM. Will be reaching out to CTAB to talk about impact on assurance.
- Linking SSO WG is making progress on scenarios
- IDPaaSv2 is meeting. REFEDS MFA support is a required component of any accepted solution.
- Kevin M: CEO Forum has new interest in things related to Trust and Identity. Eduroam and edugain futures. Looking at environmental threat. CEO of CANARIE is involved. Global NREN CEOs are paying attention
Baseline Expectations 2.0 Close out Next Steps
- In early August, a presentation was given to InCommon Steering about the Baseline Expectations close out next steps
- Coming down to last 5% of entities, all others are in compliance
- Plan to reach out to entities that may want to remain in InCommon and may need some prodding
- If these entities don’t take action they are facing removal from InCommon
- Albert will provide template email for outreach in the folder
Technology Exchange in Dec. 2022
- What does CTAB want to get out of CAMP 2022?
- Future of federation trust, assurance, interoperability (BE or …)?
- Testing of norms and expected behavior (e.g., for RAF, MFA, entity categories)?
- CTAB will present a session with Chris Phillips around the future of trust and identity and of increasing assurance.
- This is a merger of two CAMP session proposals into a single session.
- We may want to focus on what comes next after Baseline Expectations 2.
- Currently Baseline Expectations is a requirement of everybody.
- It’s a change management process for InCommon Federation.
- It’s beyond best practices.
- We may want to move to best practices.
- Ann: in 2016 we moved the community towards edugain international federation.
- That 2016 effort plus Baseline Expectations have gotten the community used to change management.
- Andy: does a democratic process make sense?
- With a threshold, percent of InCommon members, required for a change to be made
- Suggestion to leverage the Trust and Identity consultation process
CTAB class of 2023 recruitment coming soon
- CTAB Terms are for three years
- Six CTAB members reach the end of their 3 year term at end of 2022
- What type of individuals and perspectives will be helpful on CTAB in coming years?
- CTAB can decide what it should focus on
- CTAB has been focusing on trust at the organizational level
- Suggestion to look at incubator approaches
- Future issues can include:
- Proxying , verifiable credentials, account linking
- Check out mobile drivers licenses
- Should CTAB prepare a training / orientation for new CTAB members?
IDP as a Service
- Albert and InCommon Operations is working on spinning up IDP as a Service branding program.
- IDP as a Service Working Group report from 2020 is here: TI.145.1
- Orgs that use that IDP as a Service approach will be more removed, they won’t be their own site admin
- Might be helpful to have a representative from those orgs on CTAB
Next CTAB Call: Tuesday, Aug. 23, 2022