CTAB Call Tuesday May 30, 2023
Attending
David Bantz, University of Alaska (chair)
Warren Anderson, LIGO
Tom Barton, Internet2, ex-officio
Matt Eisenberg, NIAID
Ercan Elibol, Florida Polytechnic University
Eric Goodman, UCOP - InCommon TAC Representative to CTAB
Mike Grady, Unicon
Rick Wagner, UCSD
Jon Miner, University of Wisc - Madison (co-chair)
Johnny Lasker, Internet2
Kevin Morooney, Internet2
Ann West, Internet2
Albert Wu, Internet2
Emily Eisbruch, Independent, scribe
Regrets
Pål Axelsson, SUNET
Richard Frovarp, North Dakota State
Scott Green, Eastern Washington U
Meshna Koren, Elsevier
Kyle Lewis, Research Data and Communication Technologies
Andy Morgan, Oregon State University
Andrew Scott, Internet2
Discussion
- Internet2 Intellectual Property reminder
- Agenda Bash
Federation Maturity - brainstorming session with Mural
- see InCommon CTAB 2023 Work Plan,
- see item 4. Framing the next chapter of federation maturity
- See also discussion from the May 16, 2023 CTAB call
- There are many different use cases in our community
- Baseline Expectations (BE) has focused on contact info and security
- The hope is also is to promote trusted and scaled collaborations
- Need clearer and more standardized integration and a better user experience
- Range of needs
- at Community Exchange, there was discussion on helping Tribal Colleges get up to speed with InCommon
- at same time, there are R1 institutions that need to engage with NIH with high levels of security
- at Community Exchange, there was discussion on helping Tribal Colleges get up to speed with InCommon
- Don’t want to be exclusionary with focus on IAL
- Need guidance for everyone, be inclusionary
- Encouraging Service Providers to easily enter federation is something that benefits all participants
- Cloud First is often requested by campus leaders, it will be helpful if we can promote the idea of federation
- Considering partners, it was mentioned that Educause has a different constituency in HE. They may have better reach into small schools
- Educause is less active in issues related to IAM and federation than in the past.
- In recent years Educause has leaned into teaching & learning, privacy as augmentation to security convening
- Potential Use Case:
- There’s a fleet of vessels supported by NSF doing Oceanographic research
- They have needs for identity management, need to maintain secure access services
- The fleet is using ResearchSOC, program run by IU for research facilities https://omnisoc.iu.edu/services/researchsoc/index.html
- There’s a fleet of vessels supported by NSF doing Oceanographic research
Some Ideas from the Mural brainstorm:
- Federal Agencies - do we do more?
- Investigate cases where federation considered but not adopted
- What is the benefit of federation for some participants (eg small schools)? How do we make it clear what that is?
- Is it important to have clearer/more specific integration criteria for vendors claiming “InCommon support”?
- What do brand new InCommon participants need to do to be fully ready?
- Is it important to federation to support common / best IAM lifecycle practice? If so, how?
- Bilateral vs multilateral - is emphasizing the difference (rather than embracing both) good/bad?
- How do we encourage stronger / standard identity assurance practice across a wide range of capabilities?
- Do we need to promote a common discovery experience?
- Federated support - do we need to tackle support issues beyond security incident handling? How does a user get help, not end up in a support black hole?
- Are entitlement use cases “niche” ? How many multi lateral SPs want IDPs defining user permissions?
- Future Technologies - do we do anything to provide roadmap/guidance? Ie life beyond R&E SAML
- Where, if at all, does AI come into play?
Working Group updates (not discussed on this call)
- InCommon TAC / CACTI
- Notably, Browser Changes participation led to I2 moving to join W3C (Browser Changes work is moving within W3C)
- Use of entity categories
- ePSA
- Where does SCHACHomeinstitution fit in
- Notably, Browser Changes participation led to I2 moving to join W3C (Browser Changes work is moving within W3C)
- TAC reviewed various subgroup/project updates
- SAML2Int implementation group discussion
- Discussion of other TAC Work Plan items
- Operationalizing Baseline Expectations
- REFEDS MFA
- REFEDs Assurance Framework (RAF): update (postponed at Kyle’s request)
Next CTAB Call: Tuesday, June 13, 2023