CTAB Call of March 19, 2024


Warren Anderson, LIGO 

Pål Axelsson, SUNET 
David Bantz, University of Alaska (chair)

Tom Barton, Internet2, ex-officio 
Gabor Eszes, Univ of Virginia (CACTI rep to CTAB)  
Richard Frovarp,  North Dakota State

Mike Grady, Unicon  

Scott Green, Eastern Washington University
Christopher Keith, Brown University 

Kyle Lewis, Research Data and Communication Technologies 

Jon Miner, University of Wisc - Madison (vice chair) 
Rick Wagner, UCSD 

Ann West, Internet2 
Albert Wu, Internet2 
Emily Eisbruch, Independent, scribe 


Matt Eisenberg, NIAID 
Ercan Elibol, Florida Polytechnic University 
Ryan McDaniel, Virginia Tech
Kathy Wright, Clemson, (InCommon TAC rep to CTAB)
Johnny Lasker, Internet2
Kevin Morooney, Internet2 
Andrew Scott, Internet2


Working Group Updates

  • REFEDs Assurance Framework 
    • RAF 2.0 vs NIST comparison-Tom and Kyle completed detailed analysis notes
    • converting into an executive-level white paper in progress.
    • Primary audience is federal agencies.
    • Focus will on how relying party can accept REFEDs Assurance Framework in lieu of NIST

  • SIRTFI Exercise Working Group 
    • prelim WG discussions and planning are under way
    • had eduGAIN representation last week - many newcomers to the working group (even new to Sirtfi);
    • one member shared real-world incident experience a few weeks ago involving multiple universities;
    • most did not respond to Sirtfi requests, highlighting need for continued community awareness and training

    • In-person CACTI meeting held at CommEx. Open to public.
    • Low attendance, but some guest attendees, including Dmitri from Digital Credentials Consortium/MIT.
    • Discussion about the recent proliferation of digital student ID cards at US Universities, and how often this is a semi-separate identity ecosystem vs. the IdPs.
    • Ideas on how to incorporate topic into CACTI workplan.
    • CACTI could perhaps issue guidance on the digital student ID card use cases (dining hall access, door access, etc).

General Community Exchange impressions https://internet2.edu/2024-internet2-community-exchange/

  • InCommon Futures 2 Report
  • Microsoft
    • Cory Lee from Microsoft attended both Tech Ex 2023 and CommEx 2024.
    • Good conversations.  He presented about multilateral federations articles and documents from Microsoft.  
    • He has a good grasp of Higher Ed needs. 
    • He noted it is hard for him to try to explain to Microsoft  higher ed needs   
    • He would like our higher ed community to develop concrete, detailed requirements, and to create one voice.  
    • Instead of explaining multilateral federation as architectural concept, we need to explain our business needs
    • What do we need Microsoft to implement and how? 
    • Ambiguous requirements can be a problem for Microsoft to deal with.
    • We should provide requirements for the Entra ID product.  
    • Corey Lee noted that there have been cases where Microsoft has implemented requested requirements and then the feature was not used
    • It may be better for multiple community members to request the exact same thing than for one federation operator to request that thing.
    • Note that Microsoft does not make profit from supporting higher ed
    • CTAB can help articulate central business objectives regarding federation; it’s related to baseline expectations and REFEDs assurance framework
    • Microsoft will become an important identity provider moving forward
    • Ann: understanding scope is key. There will be discussions with InCommon Steering around scope
    • Collaboration and sharing services is key
    • We have connector solutions in place
    • Corey is interested in bringing in a broad range of voices, including organizations that don’t have an IAM system
    • We need to engage the organizations that will benefit and figure out key initiatives to advance the research agenda
    • How to redesign identity and provide new capabilities to move the needle
    • Broaden or change what we are currently doing
    • Protocol agnostic approach is important
    • Next step?
    • REFEDs Steering has begun the discussions to fulfill the need.  
      • The effort is to capture and flesh out the research and education collaboration standards
      • why we do things the way we do, explain the nature of scholarly collaboration,
      • in the business world there are legally binding procurement contracts, higher ed does not have that.

  • Wallet ID
    • In Europe there is legislation to adopt Wallet ID
    • Moving away from theory towards practice
    • We should take seriously the notion of life beyond SAML 
    • Suggestions to Invite someone  to talk with CTAB about Wallet ID

  • Multiple sessions on artificial intelligence
  • Sessions on secure research data  https://cacr.iu.edu/projects/SecureMyResearch/index.html
  • Identity Across Borders session, there was a question, “isn’t identity done?” 
  • (some orgs using Azure)

  • OIDC federation
    • Rumor that LIGO is looking at OIDC federation
    • Warren: yes looking at OIDC as a technology for services
    • Admins find OIDC easier to manage than SAML
    • It was noted that technology decisions are driven by the project you are trying to integrate into the system

  • Report out from CommEX’s CTAB Listening session
  • For a future CTAB Call
    • Starting up the “Baseline Future: Improving Federation Interoperability” group
    • What does that mean?
    • Who is the convener?0
    • What is the output?
    • Where do we start?

Next CTAB Call: Tuesday April 2, 2024

  • No labels