CTAB call of August 20, 2024 

Attending

David Bantz, University of Alaska (chair)  
Warren Anderson, LIGO  

Pål Axelsson, SUNET   

Tom Barton, Internet2, ex-officio
Gabor Eszes, Univ of Virginia (rep from CACTI)   

Mike Grady, Unicon  

Scott Green, Eastern Washington University 

Johnny Lasker, Internet2 

Kyle Lewis,  Research Data and Communication Technologies 

Albert Wu, Internet2   
Emily Eisbruch, Independent, scribe

Regrets

Matt Eisenberg, NIAID 
Ercan Elibol, Florida Polytechnic University 
Richard Frovarp,  North Dakota State 
Christopher Keith, Brown University
 Ryan McDaniel, University of Alaska Anchorage 
Jon Miner, University of Wisc - Madison (vice chair) 
Rick Wagner, UCSD
Kathy Wright, Clemson, InCommon TAC rep to CTAB

Kevin Morooney, Internet2 

Andrew Scott, Internet2 

Ann West, Internet2 

Discussion

  • Intellectual Property Reminder  - All Internet2 activities are governed by the  Internet2 Intellectual Property Framework.
  • Public Content Notice  - CTAB minutes are public documents. Please let the CTAB and note taker know if you plan to discuss something of a sensitive nature.


Working Group Updates

  • InCommon TAC updates on Idea Consortium, NIH use of InCommon, MFA, Login.gov; interest in CTAB’s InCommon Expectations working group

  • SIRTFI Exercise Working Group - SEPWG -
    • Call for Participation went out; closes 1 Oct. 
    • Next meeting resumes 1st week Oct.

  • Assured Access Working Group v2 (AAWG2)
    • Work continues. Conversation about to wrap up local_enterprise and move on to IAP levels.

  • CACTI - Recap of recent Meeting 
    • OpenID, verifiable credentials, profiles, space is continuing to evolve, CACTI seeks the right strategy to keep tabs on what is happening and stimulating interest,  community outreach subgroups - spinoff work around ways to get member institutions interested in smaller topics
    • David:   verifiable credentials was not discussed much at CACTI meeting where CTAB was invited.  How is Web Authn plug in for Shib connected to verifiable credentials?  
      Gabor: Almost not at all.  Web Authn work relates to standards coming out of W3C. Does not relate to work being done in consortiums including the OpenID federation. 

CTAB Membership and InCommon Futures2

    •  There has been a request from Kevin and InCommon Steering that CTAB maintain continuity and momentum in the InCommon Futures 2 work.  
    • InCommon Advisory Groups are not expiring member terms or having elections for group membership at the end of 2024.  
    • Please let Albert know if you have concerns.

Review InCommon Expectations Planning Working Group Charter

  • Changes suggested at the Aug. 6, 2024 CTAB call have been incorporated into the working group charter.
  • Charter says at most five topic areas
  • It is important to work out how to evolve this than to work thru detailed expectations
  • Will the working group have fairly free reign? Or should this be tied back to CTAB right off the bat?
  • Don’t want this group to become a venue that inadvertently takes over roles that CTAB and TAC are chartered to do
  • David: This group will not have heavy-handed responsibility
  • CTAB's charter is to foster interoperability
  • MFA signaling will depend heavily on technical specs and work of other committees, including InCommon TAC
  • CTAB works with the community to accurately formulate expectations
  • Eventually steps become part of InCommon operations
  • This new working group will not develop new expectations on its own
  • It will put in place ways to keep up with the needs of the community
  • A working group has a beginning and end
  • CTAB and TAC are ongoing advisory committees
  • TomB: how do we distinguish between what this working will recommend and other best practices documents?
  • Baseline is important for everybody
  • Will these new expectations be something different than a best practice?
  • David: example of MFA signaling
  • We are saying If you need MFA for a service this is the RIGHT way to do it
  • Because this is the way we are adopting to foster interoperability
  • People are prone to ignore best practices
  • TomB: How will we observe the impact of these expectations on interoperability across the federation?
  • How to measure success?
  • Gabor: metrics and measuring may need to be done in another venue/group
  • Gabor: we will work through the process of how best practices rise to level of recommendation
  • The working group will engage with parties trying to solve use cases and decide if we can coalesce around a set of common practices
  • TomB: it might come down to the art of how we nag
  • We will need process around this
  • The community may be unaware of the expectations
  • Albert: Example of a commercial vendor and the need to support R&E federation in InCommon
  • Commercial vendors ask for a set of standards
  • Having a roadmap of expectations will help point out things that are missing

  • DECISION: CTAB adopts the working group charter

  • Next Steps: 
    • Albert will create a wiki for the new working group
    • Will put out call for participation 
    • Chair will be identified
    • Set up an organization meeting
    • Review charter one more time
    • Set up a meeting schedule
    • Members of the working group will include:
      Gabor, Mike Grady, Rick Wagner, Johnny, David B, Jon M

  • Hoping for some commercial service providers to join the working group
  • Albert will do some outreach to potential working group members
  • Suggestion to look at federation assurance level requirements in NIST  SP 800 63
  • Look at how InCommon can meet FAL2
  • Albert: this is something coming in the future for our community and we want to provide forward guidance
  • There are other things we know are coming, we want to be prepared
  • Maturity model curve
  • This is evolution of the baseline expectation pyramid

Next CTAB Call: Tuesday, Sept. 3, 2024

  • No labels