CTAB Call Oct 1, 2024

Attending

Warren Anderson, LIGO
Pål Axelsson, SUNET
David Bantz, University of Alaska (chair) 
Gabor Eszes, Univ of Virginia (rep from CACTI)  
Richard Frovarp, North Dakota State
Kyle Lewis, Research Data and Communication Technologies
Jon Miner, University of Wisc - Madison (vice chair)
Emily Eisbruch, Independent, scribe  

Björn Mattsson,  guest from SWAMID


Regrets

Mike Grady, Unicon
Scott Green, Eastern Washington University
Christopher Keith, Brown University
Johnny Lasker, Internet2 
Tom Barton, Internet2, ex-officio
Matt Eisenberg, NIAID 
Ercan Elibol, Florida Polytechnic University 
Ryan McDaniel, University of Alaska Anchorage
Kathy Wright, Clemson, InCommon TAC rep to CTAB
Kevin Morooney, Internet2
Andrew Scott, Internet2
Ann West, Internet2
Albert Wu, Internet2 

DISCUSSION

  • Intellectual Property Reminder  - All Internet2 activities are governed by the  Internet2 Intellectual Property Framework.
  • Public Content Notice  - CTAB minutes are public documents. Please let the CTAB and note taker know if you plan to discuss something of a sensitive nature.

Demo of federated testing tool @ SWAMID - Björn Mattsson

SWAMID has built two tools, both available on GitHub

Release Check Tool - Testing IDPs

    • https://github.com/SUNET/swamid-release-check-sp 
    • Which values do I release? 
    • Fetch as many attributes as possible from the IDP
    • Tests for different entity categories
    • Run tests manually first
    • Assurance with local profile
    • Evaluating the organizations
    • They must send IDM practices
    • SWAMID evaluates if they are following rules
    • Same as Kantara with some variations
    • Verify REFEDS assurance attributes
    • To be sure IDP is setting correct values
    • SWAMID may request additional attributes release
    • Then multiple tests
    • IDP can see the status for my IDP
    • What do I need to add or remove
    • Test to verify REFEDS MFA
    • It’s a basic tool
    • But it allows verification of the IDP
    • The entity category tests motivate SPs to work with IDPs 
    • Question: how is the tool signaling the IDP which attributes to release?
    • Answer: through entity category
    • Requesting personalized and CoCo around service needs
    • Tagged with research and scholarship and code of conduct 
    • CoCo is a GDPR friendly way of getting attributes
    • It’s SWAMID but easy to make local variations
    • Working with eduGAIN, for a version with slightly different attributes requested and some tests removed

  Tool to handle metadata - Version of Federation Manager

    • https://github.com/SUNET/swamid-metadata-sp
    • No Authentication 
    • In federation manager you enter values and it creates the XML feed
    • In the SWAMID tool, XML gets uploaded
    • Tool validates the XML but does not create it
    • Entity logs into the tool and works with their SPs or IDPs
    • Can change organization name, contact person, etc.
    • If org enters data with errors, they get automatically notified
    • This is to support users when they upload XML files
    • Orgs upload their XML in a draft mode
    • They request publication
    • These tools have been very useful 
    • XML is in a better state than previously 
    • Organizations know what they should fix and what they must fix
    • Organizations can see each other’s status
    • Can know which entities have errors and warnings

    • There is an annual check
    • If errors remain, the entities may be suspended from federation 
    • Most federations try to get rid of the warnings, as well as the errors
    • Thanks to Björn Mattsson for this helpful presentation to CTAB


Working Group Updates

  • Tom Barton’s responses to NIST 800-63 draft 4
    • Update from Tom (who will not be present):
    • I’ve reached initial completion of the feedback document for NIST. So far, this reflects my own reactions and some of Kyle’s. More eyes on it would be appreciated! NB: I will hold an office hour Thursday at 4pm ET via Zoom for last minute feedback on the feedback sheet.

    • Tom would like additional comments by Sept 30
    • Thanks to Tom for the care in constructing these comments
    • Reminder: send in your NIST 800-63-4 review feedback; possible update from Tom

  • Assured Access Working Group v2   - continuing work
    • Hope to be close to finishing by Tech Ex


  • SEPWG  - meetings resume today
    • 15 organizations signed up for the 2024 SIRTFI Exercise

  • CACTI - no new CACTI meeting since; see Sept 17 notes
  • Steering - no report
  • TAC - no report

  • InCommon Interoperability Expectations Planning Working Group 


InCommon Futures 2

  • The InCommon Community provided the input leading to Futures 2.
  • We now need to know the next layer: 
  • assuming CTAB members provided some of that feedback in Futures 2, what did you want to see happen from that? 
  • What do you believe CTAB’s role needs to be in making that happen? 
  • Are there activities/happenings that are outside the Futures 2 context that this community should be aware of / address?
     

eduGAIN is looking at eduGAIN futures (Pål)

    • There may be new requirements for federation membership

InCommon Community Building

    • Gabor: looking for pathways for institutions that are new to the federation
    • Hoping to encourage recruitment of new community leadership, even though InCommon is freezing advisory group membership for one year
    • David:
      • recent InCommon outreach to tribal colleges is promising
      • InCommon and Internet2 staff are directly taking on the task to reach out and promote InCommon.   
      • CTAB has the flexibility and all CTAB members are encouraged to identify those who may contribute to CTAB work.
      • We can invite community members to CTAB calls

    • Conversation with SWAMID today was helpful, understanding their tools to help encourage compliance.
    • Jon: people are looking for things that are more prescriptive
    • The tools SWAMID shared today fit that need

Next CTAB Call: Tuesday, Oct 15, 2024
