Draft Minutes: InCommon-Quilt Pilot Tech call, 22-Feb-2013
Attending
Mark Scheible, MCNC
David Bantz, University of Alaska
Paul Caskey, University of Texas
Bernie Acs, NCSA
Brian Burkhart, OneNet
Keith Hazelton, University of Wisconsin-Madison
Mark Beadles, OARnet
George Laskaris, NJEdge
Ann West, Internet2
Emily Eisbruch, Internet2 (scribe)
Action Items:
[AI] (Mark) start a table of pilot scenarios and the associated technical requirements (Done) Linked from https://internet2.box.com/files/0/f/680471824/InC-Quilt_Pilot_Tech
[AI] (Mark) set up a Doodle poll for a regular meeting time. (Done)
DISCUSSION
Charter
Mark drafted a charter for the Pilot Tech group, linked from here:
https://internet2.box.com/files/0/f/680471824/InC-Quilt_Pilot_Tech
Comments: charter looks good. It provides a sound basis to continue the conversation.
Highlights of the Pilot Definition group call on Thursday, 21-Feb-2013
Key points for the 21-Feb call:
-Goal is to have pilots in place by start of school year in Sept. 2013
-That means that pilot requirements must get figured out relatively soon
-Key question is: what technical requirements do we want the pilots to be validating?
Pilot Input from group (requirements to test Federation Models)
Q: On the attribute side, are there things we need to discuss?
 A: Keith: Infrastructure or technical changes are NOT needed right now regarding attributes. This might bubble up from the pilots.
-The Pilot Admin/Policy group meets on Monday; they will have input on what to include in the pilot
-What are the federation models that we would like to test via the pilots?
Pilots could range from minimal guidance or consulting around K12 federations up to hosting and full support
Possible models:
 - Federation of federations

  • a model running on metadata aggregation, publish and subscribe
  • a model without providing infrastructure, but that helps with training and consulting
    Note: InCommon is starting up a subgroup to look at metadata distribution
    -Keith will send along info as soon as the group is spun up
    -Paul has a metadata aggregator case study (using police agency data in Texas); Paul could demo this if desired
-Tom Scavo will join these calls in the future; he is also a good person to talk to about metadata aggregation
    -proxy IdP, takes a hierarchical approach
-could be called "Proxy Authentication" or "Authentication Gateway" or "SSO Gateway"
-authentication is done to a backend owned by an organization or agency, using LDAP or SAML or socialID to make an assertion
-Alaska and Illinois are also interested in this model
    Should we keep social ID out of scope for now, to keep things simpler? Keith: no, do not rule out use of SocialIDs in the pilots
    CILogon might help bridge the gap and serve as an example of how this proxy service might work
If a district has Google Apps for Education but no local infrastructure, Google Apps can act as an authentication service
    Mark: In NC, the UNC system has their own federation
-Some members are members of InCommon, but majority are not
-So could try inter-federation as part of the gateway or metadata aggregator
    Q: Is this the NCtrust project?
 A: No that is still a K20 pilot federation effort, that uses InCommon
    The UNC system Identity Federation has 17 members all running their own IdPs. They all run IdPs in a federation, and that is not part of InCommon
    What about testing a multi-scoped IdP as part of a pilot?
 -Univ of Missouri system is running a multi-scoped IdP, and they are fairly common in the UK
 -Multi-scoped IdP has a single authentication source for various organizations.
-Multi-scoped might be bigger than what a pilot allows us to do
    Ann has talked to the InCommon affiliates about potential consulting help to facilitate the pilots
-We might want to put out an RFP to the affiliates
-Let the affiliates know what we will be testing, and the affiliates can tell us what they can offer for the various bundles
    -Keeping in mind that some regionals may want support, others may not.
 [AI] (Mark) start a table of pilot scenarios and the associated technical requirements (Done) Linked from https://internet2.box.com/files/0/f/680471824/InC-Quilt_Pilot_Tech
Logistics:
 [AI] (Mark) set up a Doodle poll for a regular meeting time. (Done)
Next Call: TBD