CTAB Call  Tuesday, October 18, 2022

 Attending

  • David Bantz, University of Alaska (chair)  
  • Pål Axelsson, SUNET   
  • Ercan Elibol, Florida Polytechnic University  
  • Richard Frovarp,  North Dakota State 
  • Mike Grady, Liaison from CACTI to CTAB  
  • Eric Goodman, UCOP - InCommon TAC Representative to CTAB  
  • Andy Morgan, Oregon State University 
  • Chris Whalen, Research Data and Communication Technologies   
  • Johnny Lasker, Internet2   
  • Kevin Morooney, Internet2 
  • Ann West, Internet2   
  • Albert Wu, Internet2   
  • Emily Eisbruch, Internet2   

Regrets

  • Jon Miner, University of Wisc - Madison (co-chair)
  • Sarah Borland, University of Nebraska
  • Meshna Koren, Elsevier
  • Dave Robinson, Grinnell College in Iowa, InCommon Steering Rep, ex-officio
  • Rick Wagner, UCSD
  • Jule Ziegler,  Leibniz Supercomputing Centre
  • Robert Zybeck, Portland Community College
  • Tom Barton, Internet2, ex-officio

Discussion

Working group updates

  • InCommon TAC October 6 meeting
    •  presentation on Digital Wallets in EU (Niels van Dijk). In vein of GDPR, intent to enable users to own/manage release of authoritative claims/assertions, stored in a digital wallet and released at user’s discretion.
    • A bit unclear (at least to some!) how scalable trust is established and maintained.

2023 CTAB Members nominations - recruiting

  • A few nominations for CTAB have been received
  • Please reach out to your contacts who may want to consider serving on CTAB
  • Some nominees for other InCommon advisory committees may be a good fit for CTAB
  • Albert will be reaching out to a few individuals who were nominated last year for CTAB

Baseline Expectations V2 closing  

  • https://spaces.at.internet2.edu/display/be/  
  • Current deadline for removal from federation of non compliant entities is sometime in December 2022
  • Quite a few entities that we must make some decision about
  • There are 42 organizations not meeting baseline expectations, down from 55 recently
  • For Service Providers still not in compliance, for the most part, Albert recommends un-listing (un-publish their metadata) from InCommon Federation as stated in draft document
  •    When we un-publish an entity’s metadata  it can be republished if / when they comply with Baseline Expectations
  • The IDPs are more challenging to decide how to handle versus SPs
  • For each case, we can 
  •      do nothing and continue to engage
  •       recommend removal, or 
  •       set a different date (grace period)
  • Services fronted by Amazon CloudFront can tend to provide false answer in SSL testing
  • Albert: the first time that an organization shows out of compliance from an SSL scan, we should give it time, test again , before reaching out. Could be a false result

  • Those on the call agreed to do some additional outreach to entities where they have contacts

  • Decision:    Recommend next steps to InCommon Steering at their November meeting

  •   InCommon Operations will need a uniform way to reply to entities that are removed and become alarmed alarmed, pointing them to next steps they must take, etc. 
  • Albert: we will likely need to spread out the action of un-publishing over a period of days
  • Potential stages were suggested:
    •   In November, we ask InCommon Steering to agree on removal of the entities that want to be removed or are obvious for removal (the easy batch).       Also, provide Steering the list of the entities we are still warning
      • Suggested date for removing the easy batch:  the week after TechEx, early in the week since it’s getting close to Internet2 holiday shut down.
      •    SPs removal  - in late January
      •   IDPs to which we want to provide one more warning - remove on a different date in late January

Next CTAB Call: Tuesday, Nov. 1, 2022


  • No labels