Child pages
  • Notes 10.01.2014 Conference Call


  • Roll Call
  • Agenda Bash
  • Strategies
    • Review newly completed proposals
    • Evaluate strategies with respect to environment
      • Types of environments (about a half dozen), e.g., AD-centric, Java
        capable, CAS-centric, etc.
      • What environment is best for each alternative? What are the pluses
        and minuses for each?
    • Evaluate deployment assessment criteria

Call Notes

  • Attendees
    • Mark Scheible, MCNC
    • David Walker, Internet2
    • Lucas Rockwell, Cirrus
    • Scott Koranda, Spherical Cow Group
    • Tom Scavo, Internet2
    • Steven Carmody, Brown University
    • Ben Poliakoff, Reed College
    • Ian Tegebo, Cirrus Identity
    • Janemarie Duh, Lafayette College
  • Review of completed strategy docs
    • ADFS - Scott Koranda - used as an IdP.
      • Requires use of third-party tools such as pysFEMMA, new vocabulary due to the differences in language between the ADFS environment and that of the federation, and scripting skills such as PowerShell and Python. A point-to-point federation approach is a non-trivial process, but at a high level it can be done.
      • How could InCommon help make this easier? Suggestions include providing mentors, making information easily available, and packaging the information to help smaller institutions.
      • Use case is SharePoint
      • Have separate section on governance in report?
    • Hub and Spoke (Trusted Third Party) - Mark Scheible - guidance for K-12. Talks to WAYF. Somebody needs to run the hub that has the IdP.
      • Tom Scavo: Hub and Spoke is a layman's term for an IdP proxy. That is not what this solution is, which is an IdP with multiple scopes in its metadata and a solution for educational/research systems and regional networks.
      • Include K-12/community college systems (central coordination and control) in the report's section on future work.
  • Environments - what implementation environment is best for each alternative? What are the pluses and minuses for each? Some comparative analysis and a written summary with detail. Make sure the comparisons agree with what we should be doing. Lay out generalizations like Consumer Reports does. "If you don't have skill x, see strategy x." Focus on pros and cons of the environment.
    • Half a dozen types of environments:
      • AD-centric
      • Java capable
      • CAS-centric (and whether or not there is CAS expertise)
      • DIY environments vs. prefer to outsource
        • An outsourced environment does not care what technologies the alternative is based on.
        • Sub-issue: to whom will you outsource? What will you use for IdM? CAS, Kerberos.
      • Google-centric environment
    • Section in report for summarizing resources required: what is likely to be a showstopper at this point in time? It may not be one later. If a campus has the resources and expertise, we would not recommend anything other than a local IdP. If a solution sucks more resources or effort than a local IdP, it is not recommended.
    • How important are some of the criteria, e.g., ECP, and user consent? We might say to TAC that someone should investigate and think about doing these other things. InCommon should talk about what should be done in the next few years by them and by campuses. How does IdM as a Service fit in, and TIER and CIFER?
    • Should we have another grid for the alt strategies and the applicable environments?
    • The deployment columns for ADFS were filled in during the call. Janemarie will fill them in, as well as the example deployment column, for the rest of the strategies.