CTAB Call Tuesday July 26, 2022



  • David Bantz, University of Alaska (chair) 
  • Jon Miner, University of Wisc - Madison (co-chair) 
  • Sarah Borland, University of Nebraska 
  • Richard Frovarp,  North Dakota State 
  • Mike Grady, Liaison from CACTI to CTAB
  • Eric Goodman, UCOP - InCommon TAC Representative to CTAB
  • Andy Morgan, Oregon State University
  • Rick Wagner, UCSD
  • Jule Ziegler,  Leibniz Supercomputing Centre 
  • Tom Barton, Internet2, ex-officio
  • Ann West, Internet2
  • Albert Wu, Internet2 
  • Emily Eisbruch, Internet2 


  • Pål Axelsson, SUNET
  • Ercan Elibol, Florida Polytech Institute
  • Meshna Koren, Elsevier
  • Dave Robinson, Grinnell College in Iowa, InCommon Steering Rep, ex-officio
  • Chris Whalen, Research Data and Communication Technologies 
  • Robert Zybeck, Portland Community College
  • Johnny Lasker, Internet2 
  • Kevin Morooney, Internet2


Working Group updates 

  • InCommon TAC  
    • Update on Deployment Profile value proposition (Mark R) Draft ready, tries to capture high-level the comments that have authored so far.  
    • Request from Duke to review its plan to assert subject-id (Mark R)  
      Duke has a proxy fronting several SP and using the proxy to federate those SP.
    • Important technology to watch: Wallets and Self Sovereign Identities (DIDs or decentralized identifiers)
    • Planning to kick off SP “proxying” workgroup.
      • Any additional issues with running proxies that should be addressed in participation agreements? 
      • Technical/security/scoping concerns when IdP proxies talk to SP proxies…

  • REFEDs MFA Working Subgroup 
    • Finalizing draft REFEDS MFA Profile proposal
    • Most recent conversations around SAML ForceAuthn support and meaning (possibly an edge case, but lots of discussion nonetheless) → we have a resolution there, at least regarding what to say in the Profile.
    • Noted that it does not define appropriate solutions (e.g., “is a passkey multifactor or just one factor? If just one, is it a “something you have” factor?)
    • Includes an OIDC section, but the workgroup recognizes that we don’t have deep knowledge of OIDC usage and common practices. E.g., is OIDC “max_age” analogous to SAML “ForceAuthn”, or is it different enough to require different rules or guidance?
    • Next steps: read through to ensure overall document consistency; open up for wider review

  • Entity Categories Working Group (R&S 2.0)
    • Based on feedback from REFEDS meeting, looking into a 4th entity category that merges pseudonymous and personalized attributes with fallback
    • Removing draft fallback language from pseudonymous and personalized categories

Review Baseline Expectations v2 Steering Request for Action

  • https://spaces.at.internet2.edu/display/BE
  • Approx 5% of entities are not in compliance with Baseline Expectations v2
  • Presentation to InCommon Steering on Aug 1, on how we will wrap up Baseline Expectations v2.
  • A few documents have been  prepared for InCommon Steering
  • Does InCommon Steering need to vote to approve the action plan?
  • Ann: Steering must approve the final docket of entities that must be removed.
  • In the past round of Baseline Expectations, Steering members reached out to some organizations and helped resolve issues so there was no need to remove certain entities.
  • Perhaps develop a spreadsheet or other mechanism for Steering to get involved in doing outreach
  • Ann suggests providing more info to Steering on the communication cycle with the community around Baseline Expectations V2
  • David and Albert will add more background and communications process info to the slide deck for Steering
  • CTAB members approved the info for Steering

Next CTAB call: Tuesday, August 9, 2022


  • No labels