CTAB call of August 6, 2024 

Attending

Warren Anderson, LIGO 

David Bantz, University of Alaska (chair) 
Gabor Eszes, Univ of Virginia (rep from CACTI)  
Richard Frovarp,  North Dakota State 

Johnny Lasker, Internet2 
Kyle Lewis,  Research Data and Communication Technologies 
Ryan McDaniel, University of Alaska Anchorage 

Jon Miner, University of Wisc - Madison (vice chair) 

Kevin Morooney, Internet2 

Albert Wu, Internet2
Emily Eisbruch, Independent, scribe

Regrets

Pål Axelsson, SUNET 
Tom Barton, Internet2, ex-officio 

Matt Eisenberg, NIAID 
Ercan Elibol, Florida Polytechnic University 
Mike Grady, Unicon
Scott Green, Eastern Washington University
Christopher Keith, Brown University
Rick Wagner, UCSD
Kathy Wright, Clemson, InCommon TAC rep to CTAB
Andrew Scott, Internet2 

Ann West, Internet2 

Discussion

• Intellectual Property Reminder  - All Internet2 activities are governed by the  Internet2 Intellectual Property Framework.
• Public Content Notice  - CTAB minutes are public documents. Please let the CTAB and note taker know if you plan to discuss something of a sensitive nature.

Working Group Updates

• InCommon TAC (db) 

updates on Federation Proxies WG, Subject Identifiers WG
EduGAIN interest in OpenID Federation
Discussion of InCommon TAC role in InCommon Futures2
Verifiable Credentials - new working group

• CACTI   
•  is meeting next week Aug 14
• Discussing next gen verifiable credentials
• InCommon TAC and CTAB members are invited
  
  
• AAWGv2  (Assurance Access Working Group v2)
• Scribing doc: https://docs.google.com/document/d/1skNN-FvdMsTCHatHjLNkhQjhr-GCQ7e5nMZoahCkVI4/edit 
  
  
• InCommonSteering (db)
•  Quarterly update on projects of Futures2
• Report on Internet2 Board Meeting: constructive focus on InCommon

  Mid-year review of 2024 CTAB Work Plan

• Public CTAB Workplan 2024
• At start of 2024, CTAB chartered its work plan for the first 6 months of year

1. CTAB24-1: Update REFEDS Assurance Framework Implementation Guidance for InCommon Participants

      Assured Access working group (Kyle reports)  is making good progress

      Hope to get report out by end of calendar year, before TechEx

2 .  CTAB24-2: SIRTFI Exercise - 2024 edition

       SIRTFI is underway (Kyle reports heavy lifting starts Oct 1 2024)

3. CTAB24-3: Baseline Future: Improving Federation Interoperability

      Baseline futures, we are working on a charter for a new group to look at InCommon expectations

Review InCommon Expectations Planning Working Group Charter

• Dicussion on proposed working group charter:
  • Use “should” instead of “shall” ?
  • Should implies you don’t have to
  • For example, IF you support MFA, you must support REFEDs signaling
  • Adoption has been mostly voluntary
  • Encourages quick adoption
  • This flexibility can be a hindrance in some contexts where security is required
  • Suggestion to say “as current  best practice,  this is what you should be doing” ?
  • David B: We hope to go beyond best practice….
  • People unfortunately shrug at best practice and hope to do the minimum
  • By calling them expectations we provide an incentive
  • Kyle: best practice guides are not weighty enough
  • Albert: Baseline has community consensus and dispute resolution process
  • We need to think of how to evolve them
  • Specs will change, technology will change, vendor space will change
  • How to keep this current?
  • Unlikely that in next 6 months we can identify all the expectations
  • There will still be gaps
  • Start from the IDP perspective
  • Look at MFA from the SP perspective
  • Do we require all SPs to support MFA? No
  • Guidance is needed
  • IDP is more straightforward
  • How do we introduce elements in a way that folks understand and are willing to adopt
  • Is it reasonable to ask the InCommon Expectations Planning working group for a 1st set of expectations by Tech Ex in December? 
  • https://events.internet2.edu/website/69276/
  • David: we should give some clear examples by TechEx
  • Just setting up the apparatus is not enough
  • Albert: would like to see the group deliver
    • 1. answer to the question on what are the areas we want to develop expectations.
    • 2. In the priority categories, these are the 1st set of things we want to introduce as expectations.  Don’t have to be comprehensive, but set the groundwork. 
  • The apparatus will be useful
  • Gabor: Perhaps publish a roadmap on what guidance can be expected in coming years
  • Albert: there are intra institution needs as well as multilateral federation needs
  • Timing:
    • Easier to have a concrete timebox to a project
    • There are an almost infinite number of potential issues
    • Need to focus to maintain momentum 
    • Deadline of about 6 months usually makes sense
  • Membership:
    • do we want a wide open working group where we encourage wide participation OR
    • Keep things focused, and tap specific subject matter experts 
    • Some members from InCommon TAC may want to participate
    • InCommon TAC has similar efforts
    •  A number of InCommon TAC groups in recent years: the SAML2Int Deployment Guidance Group, the * Access Entity Category Deployment Guidance Group, the Subject Identifier Deployment Guidance Group
    • David supports a wide call for participation
    • Agreed to open this to broad participation
    • Including hoping to get vendors to participate
  • MIke Grady of Unicon has agreed to serve
  • Once the group is recruited, they will identify a chair and confirm the charter. The charter   will come back to CTAB for final OK
  • Albert: TAC may want to co sponsor this InCommon Expectations Planning Working Group working group 
  • David: could be complicated to have the group cosponsored
  • Simpler for the chair to have one board to report to 
    
    
  • Next Steps:
    • We are one short of quorum to adopt the charter on this CTAB call
    • Final decision in 2 weeks at CTAB call on Aug 20, OR
    • Perhaps move forward by asking for input over email.

Next CTAB call:  Tuesday, August 20, 2024