CTAB Call Tuesday November 29, 2022

 Attending

• David Bantz, University of Alaska (chair)
• Jon Miner, University of Wisc - Madison (co-chair) 
• Pål Axelsson, SUNET 
• Ercan Elibol, Florida Polytechnic University 
• Richard Frovarp,  North Dakota State 
• Mike Grady, Liaison from CACTI to CTAB  
• Eric Goodman, UCOP - InCommon TAC Representative to CTAB 
• Andy Morgan, Oregon State University 
• Chris Whalen, Research Data and Communication Technologies 
• Tom Barton, Internet2, ex-officio 
• Johnny Lasker, Internet2 
• Albert Wu, Internet2 
• Andrew Scott, Internet2 

Regrets

• Dave Robinson, Grinnell College in Iowa, InCommon Steering Rep, ex-officio
• Rick Wagner, UCSD
• Meshna Koren, Elsevier
• Jule Ziegler,  Leibniz Supercomputing Centre
• Robert Zybeck, Portland Community College
• Kevin Morooney, Internet2
• Ann West, Internet2

Discussion

Working group / Committee liaison reports

• InCommon TAC
  • Focused on identifying any special considerations for proxies and proxy-like things in federations.
  • There will be a session on Wednesday: “Rise of Middlethings”; we hope to inspire further discussion during ACAMP sessions
  • Collection of thoughts from TAC on the potential role of InCommon related to supporting/providing value in the Distributed IDentity space.
  • Goal is to turn the ongoing learnings and discussion into more concrete workplan items.
    
  • Reviewed election/chair election status
  • Discussed and reviewed “SP Middlethings” report 
  • Reviewed comments to date re “Wallet Brainstorming” 
    
    
• Security Exercise Planning WG:   
  • SIRTFI Tabletop Exercise 
  • The exercise is complete, some lessons learned, report and recommendations to be developed.
  • Potentially there should be an annual exercise, or perhaps more frequent, smaller activities.
    
  • Andrew Scott of Internet2 will be resource moving forward
    
    
• REFEDS Assurance
  • Finalizing and working towards a presentation 
  • Effort is primarily to clarify existing REFEDs Assurance Framework
  • Unsupervised remote / automation for identity proofing is a potential add on to the existing framework

CTAB election & recommendations to InCommon Steering for approval

• Finalize CTAB slate for InCommon Steering approval
  
  • Emails have been sent to those being asked to serve on CTAB, most have confirmed they will be pleased to serve
  • Note there are 14 CTAB members on this slate, and CTAB charter officially allows for 13.
  • CTAB Charter http://doi.org/10.26869/TI.94.1
  • So this is an exception, to have 14 CTAB members
  • Tom Barton, who helped write the CTAB charter, noted that this can be flexible
  • Question about staggering the CTAB terms,
    • consensus that it's OK to keep CTAB terms as they are
  • Albert reported that David Bantz and Jon Miner were reelected as chair and vice chair respectively
    • Thank you to David and Jon for stepping up to continued leadership 

Baseline Expectations v2 closing updates

• CTAB received unanimous official InCommon Steering endorsement of actions proposed 
  • These were revised proposals based on earlier feedback from InCommon Steering.
• There are some entities slate for removal (un-publishing from the InCommon Federation) on Dec 12. 
• Some of these entities have indicated they intended to withdraw from the InCommon Federation in any case.
  
• SIRTFI
  • There are about 100 entities that have not indicated adherence with SIRTFI framework. 
  • We will communicate / reengage with them in January 2023
  • David noted that our handling of the SIRTFI Baseline Expectation requirement is something of a compromise between CTAB and InCommon Steering
• There are IDPs that have not yet met baseline, but have let us know they are working on it.
  • They will not be removed as long as they are working and communicating with us
• InCommon operations will look again in 2023 at entities with no SSL encryption scores, or scores of B
  • Likely tracking the scores over time
• Question: what about periodically testing contacts in metadata?
• Albert: this will be a focus for InCommon Operations in 2023, also testing for other required elements, such as privacy URL
  
  
• Tom suggests that CTAB communicate with InCommon Steering in 2023 about the big picture around Baseline Expectations

  CTAB at 2022 TechEx 

• Albert will make reservations for the CTAB dinner
• Presentation - "Increasing Trust and Assurance in InCommon" (Wednesday, 12/7 8AM MST) 
  • SPs intended for many, few, or 1 IdP
  • SPs behind proxies or “middle things”
  • IdPs from 10**2 to 10**6 users
  • Federation operators in REFEDS
  • Assurance (MFA, IAL, …)
  • Attribute standardization / entity categories
  • Profiles
  • BE (every entity must…)?
  • Tiers or badges (these entities do…)?
  • Best Practices codification / promotion (if you need X, do Y)?
  • Integration services/recipes from Federation or others?
  • Fixing the Problems of Attribute Release: Wed 12/6 11:20 AM
    
    
• Assurance in Action: Wed 12/6 11:20 AM 
• The Rise of Middlethings: Wed 12/6 2:40 PM
  • Making it Sticky: Offering Shared Services via InCommon Glue: Wed 12/6 4 PM
  • Baseline Expectations as a pyramid of increasing value (utility/scalability) of InC to participants; BE2 security expectations ~95% compliance
    (SIRTFI, TLS, errorURL)
  • What practices, standards, would make federated access simultaneously easiest and most trusted access to resources?
  • Perspectives from 
  • Possible areas for increased value:
  • Mechanisms to promote increased value:
  • Related Sessions at TechEx

• CTAB Meeting Agenda (Tuesday, 12/6 12:10PM MST) 
  • where should CTAB go next? 
  • How can CTAB help federation grow/scale/mature
• Purpose of CTAB; Members
• Review of 2022 CTAB workplan - progress/accomplishments
  ttps://spaces.at.internet2.edu/display/ctab/ctab-2022-work-plan
• (possibly a summary of intended projects from Fed Ops)
• Looking ahead 

Next CTAB Call: Tuesday, Dec. 13, 2022