CTAB Call Tuesday November 15, 2022


  • David Bantz, University of Alaska (chair)  
  • Jon Miner, University of Wisc - Madison (co-chair) 
  • Pål Axelsson, SUNET  
  • Ercan Elibol, Florida Polytechnic University  
  • Richard Frovarp,  North Dakota State  
  • Eric Goodman, UCOP - InCommon TAC Representative to CTAB  
  • Rick Wagner, UCSD  
  • Chris Whalen, Research Data and Communication Technologies  
  • Jule Ziegler,  Leibniz Supercomputing Centre  
  • Tom Barton, Internet2, ex-officio  
  • Johnny Lasker, Internet2 
  • Kevin Morooney, Internet2   
  • Ann West, Internet2
  • Albert Wu, Internet2
  • Emily Eisbruch, Internet2   



  • Mike Grady, Liaison from CACTI to CTAB 
  • Meshna Koren, Elsevier
  • Andy Morgan, Oregon State University
  • Dave Robinson, Grinnell College in Iowa, InCommon Steering Rep, ex-officio
  • Robert Zybeck, Portland Community College


Working group / Committee liaison reports

  • InCommon TAC discussed nominees and ongoing election of 2023 Committee 
  • SEPWG SIRTFI Tabletop Exercise  is now in progress

  • InCommon Steering Committee discussed nominees and 2023 slate of nominees submitted to InCommon.

InCommon Steering Committee review of CTAB recommended actions re Baseline Expectations v2: 

  • At their Nov. 7, 2022 meeting, Steering expressed concern over some of CTAB’s recommendations around Baseline Expectations v2. 
  • The concern centered on the proposed removal of metadata for entities lacking only the explicit affirmation of compliance with SIRTFI
  • Steering noted entities are bound by terms of service and doubted a mandated affirmation would materially affect behavior in case of a security incident. 
  • Steering expressed concern  over potentially strong negative perception of removing entities (particularly IdPs) that could cause disruption and damage InCommon’s reputation as a reliable partner. They requested intensified/renewed efforts to work with organizations, especially the Identity Providers.
  • Revised recommendations have been formulated in response and provided to Steering; 
  • Steering is currently voting (by email) on the revised recommendations.
  • Current status is that if an entity does not as meet Baseline Expectations due to not asserting SIRTFI, the entity won’t be removed

CTAB Election - ballot

  • Thanks to CTAB members who voted.
  • David will coordinate with chairs of InCommon TAC and CACTI, since some individuals are considered for more than one advisory group.  Then the top vote getters will be notified.
  • Albert will be coordinating the ballot for CTAB chair and vice chair

CTAB themes at 2022 TechEx in Denver

  • Session Title: Increasing Trust and Assurance in InCommon Wednesday Dec. 7 at  8AM)  
  • https://internet2.edu/2022-technology-exchange/2022-program/abstracts/#increasingtrust
    • Baseline Expectations next steps - how do we further value of Federation?  What practices or conventions would increase trust & assurance?
    • What IAM practices are needed as foundation of federated trust?
    • Expectations on Federation Operator(s) - i.e., I2?
    • Accommodating / facilitating IdPs designed without InC in mind
      (Azure, Okta, Duo,...)
    • What is it from external (various stakeholder) perspectives that creates trustworthiness?
    • Federation 2.0 worked looked across international federation, at governance 

  • CTAB Working meeting (Tuesday Dec. 6 at 12:10)
    • CTAB Work plan recap    https://spaces.at.internet2.edu/display/ctab/ctab-2022-work-plan
    • Open discussion - next needs, potential topics:
      •  How to make the InCommon Federation the go to solution
      • Supporting assurance levels and enhanced communication
      •  National  Landscape, NIH, NSF engagement
      •  Researcher Auth Service (RAS) is  Identity provider https://datascience.nih.gov/researcher-auth-service-initiative
        • Calling RAS an identity provider is an issue; it is an authorization system
        • RAS expects one authentication that goes through RAS
        • RAS embeds a signed token, there is a trust relationship for data access
        •  Muddies water between identity and authorization
      • NIH as key important player
      • GA4GH  https://www.ga4gh.org/  (tightly bound to OIDC)
      • Overloading of OIDC
      • Proxy for authentication

  • REFEDs meeting on Sunday Dec. 5, 2022 will also cover Assurance  https://refeds.org/45th-meeting-december-2022

Next CTAB Call: Tuesday, Nov. 29, 2022


  • No labels