Attendees

Jeff Egly - UETN

Rob Gorrell - UNCG

Amel Caldwell

Mike Dickson

Brett Bieber

Jeremy Livingston

Michael Hacker

Neil Johnson - IOWA


With: 

Ann West 

Mike Zawacki

Romy Bolton


Regrets:

John Buysse

Kim Owen

Agenda

  • Intellectual Property Reminder - All Internet2 activities are governed by the Internet2 Intellectual Property Framework 
  • Public Content Notice - eAC minutes are public documents. Please let the eAC and note taker know if you plan to discuss something of a sensitive nature.
  • Agenda bash
    • Bashed! No additions
  • Approval of last meeting’s minutes
  • Review eAC committee nominations, discussion of next steps 
    •  Rolling off at end of 2022:
      • Robert Gorrell
      • Jeff Egly
      • Kim Owen
      • Neil Johnson
      • Jeremy Livingston
    • Remaining through 2024:
      • John Buysse
      • Mike Dickson
      • Brett Bieber
      • Michael Hacker
    • New Nominees:
      • Jeff Egly
      • Robert Gorrell
      • Amel Caldwell
      • Nadim El-Khoury
      • Kendra Ard
      • Saira Hasnain
      • Dion Baird
      • Tania Mahood
      • Jeremy Livingston
    • Industry nominations
      • Tom Rixom - SecureW2
        • Secure W2 is new to the community
        • Just made a request to join the InCommon Catalyst program
        • Mike D: We’re a customer of SecureW2, use them for eduroam onboarding. Could be interesting to have Tom on board, think through private industry angle. SecureW2 got started off making scripts to enable various flavors of authentication. Have branched out into cert management, other aspects of the service. Could bring interesting spin to committee. 
        • Jeff: Would be interested to hear more about other experiences of industry members on committees. Tim (Aruba/MSN) was a valuable member of eAC for example. Consider upcoming work and how skillsets of candidates could serve that work. Do we have concerns around accepting all nominees? 
        • Brett: The more hands the better, especially as we look ahead to our upcoming workload. Ann, do industry members on committees have to sign a CoI agreement? 
        • Ann: We do for steering committees because those set policy. Both industry candidates have business lines that could be impacted by decisions of this committee, could have them serve as SMEs. 
        • Brett: Is SME the same role as Tim Cappalli’s current role? 
        • Rob: Wondering that as well. Was his participation typical? 
        • Ann: Typically we don’t have industry folks who aren’t Catalyst members on committees. Tim was something of an exception
        • Jeff: Would there be a different role for industry folks if they were on the committee?
        • Ann: They would be non-voting members
        • Rob: Tim’s participation was along that line, was valuable to a lot of the work we do
        • Ann: Consider that Painless Security is involved with eduroam service operation but aren’t Catalyst members. Should ensure they’re non-voting members
        • Rob: I feel like they do have a role to play, just want to understand how they’d slot in
        • Jeff: Would they be excused from some discussions/calls or just not allowed to vote?
        • Ann: They’d need to disclose all relevant information about any conflicts, may need to recuse themselves from discussion, talk through their lines of business and how those might conflict. For Josh, consider that what the committee discusses would probably be discussed by Painless to some extent. Want to include relevant expertise as we develop new services and service aspects, just need to be careful WRT their ability to sway decisions toward their business interests. Sounds like both candidates have been vouched for by this body 
        • Mike D: I would vouch for SecureW2. Having SecureW2 take cues from our discussions might be helpful to the community, but get your concerns -  we’d need to be mindful that, for example, they don’t steer work away from CAT for example. 
        • Amel: I agree with that. We’re also SecureW2 customer. We do cert based auth and they manage our certs. Also do MDM work for us. They’ve been responsive, careful, thorough. Good with offering support and knowledge
        • Mike D: They do a good job of following trends in eduroam related services. For example, they tend to be on top of iOS changes that might break things
        • Amel: Feel like they’d be valuable
      • Josh Howlett - Painless Security/Federated Solutions Ltd.
        • Currently works for/owns Federated Solutions Ltd.
          • Consults for Painless Security
          • Consults for Internet2 on eduroam team
      • Jeff: All good to know. At this stage I’m hearing support for their participation, no major concerns for either industry candidate 
        • Brett: Would like to explore a conflict of interest form for these folks. Might want to think about having all members sign that, actually. I move that we accept current nominees and take Josh and Tom on as SMEs. 
          • Votes
            • Michael Hacker seconds 
            • No dissenting votes
      • Jeremy: I would be happy to stay on for another term 
        • Jeff moves to approve 
        • Mike D seconds
        • Jeremy will stay on for another 3 year term
    • eAC charter states committee must maintain between 7-13 members
      • Will have full slate of 13 with 2 SMEs 
    • Next steps
      • Mike Z to work with T&I community team to reach out to nominees, ensure they’re willing to serve
      • Mike Z will work with Service Management lead Angi Sizemore to see what gets sent out to steering candidates for CoI 
      • CACTI will review final slate, make recommendations
        • Kevin Morooney will review as well
    • Jeff: Many thanks to all members current and future!
  • Letter of community impact: eduroam.org/CAT SP not accepting R&S v1 attributes 
    • Draft letter: https://docs.google.com/document/d/1Gv5WEvmSa2BhC1d5fXUA8-uJDHs55sIXvwAOilnLWos/edit
    • Technical description has been created by I2 staff. Need volunteers to draft statement of community impact, especially the risks of limiting access to CAT for US community. 
      • Rob volunteers
      • Jeff volunteers, will recruit people from 
      • Rob: We could recycle some of the language around user onboarding summary, since CAT figures so heavily into that. 
      • Mike Z to send scheduling poll, call to be held week of November 5
  • Posting existing user/device onboarding draft on eAC’s page 
    • https://docs.google.com/document/d/10XnxXfiqOTOF0p4QgzePxAs-TeZXAS_LGNroE7T5LB0/edit#heading=h.vxstw7mc6283
    • Vote to post proposal for community information 
    • Jeff: Additional concerns, questions?
    • Brett: No concerns with sharing it, I feel it would be good for the community to have access to this info
    • Rob: Agree - we worked 
    • Ann: Are we talking about a community consultation? Is everyone familiar with that concept? 
    • Rob: Haven’t considered that, don’t know that it needs to be done here. Wanted a broader set of eyes on this. 
    • Ann: Typically community consultations last 2-6 weeks, then gets approved by CACTI. Helpful to get community input and to encourage discussion and awareness
    • Rob: One area where that would be important would be the prioritization of problem prioritization in section 3.3 - want to see if we hit the mark on that from community 
    • Brett: Just FYI, some previous consultations — https://spaces.at.internet2.edu/display/TI/Trust+and+Identity+Consultations
    • Jeff: Do we want to have a consultation period? 
    • Michael H: Agree
    • Brett: To Rob’s point, we want to be sure we’re clear with community that 3.3 is an area we’re particularly interested in their feedback. Also want to set up feedback table. Would this be considered a working group report? 
    • Ann: It’s a requirements document, similar to some work done by TAC. Should probably include “eduroam” in title to ensure clarity. 
    • Brett: Move that we post this for comment, draft community feedback page. Consider timeline for comment. 6 weeks average? 
    • Ann: 6 weeks is typical. Here’s the page from Baseline expectations: https://spaces.at.internet2.edu/display/InCAssurance/Consultation+for+Baseline+Expectations+Implementation+and+Maintenance+Plan
    • Rob: Might want to have additional time given approaching holiday time
    • Brett: If we pushed out consultation period through January that would allow for some in person discussion at TechEx
    • Jeff: So are we voting to post this for community comment? 
    • Ann: You could vote on it now, or put it out for community consultation page, then vote based on feedback. I would suggest that course of action
    • Jeff; Makes sense. So we’ll post for consultation and then convene in January to vote. Brett, what do you see as next steps? 
    • Brett: Draft page for consultation, share with this committee, then send note to eduroam-admin list
    • Mike Z: I’ll help Brett get the page set up, share with this committee for feedback. Then I will  work with Apryl Motley on announcement. 
  • Time for a refresh of the Best Practices Guide
    • Proposal to spin up working group to review and update
    • Timing for a working group? 
    • Jeff: We’re coming up on holiday season, should consider that in our timing. Other thoughts?
    • Rob: Good that we’re getting back to this. Helpful to periodically review this sort of documentation. After New Year seems like the right time to address this
    • Jeff: Agree. Any objections to picking this up after New Year? I’d be happy to help on work 
      • No objections to timing
  • Attendees at TechEx? Informal gathering? 
    • Jeff, Brett, Rob attending
  • AOB?
    • Brett: Some folks might be aware of conversations Support Orgs have been having with ISPs on public deployments. Calix, main equipment manufacturer for Allo (regional ISP) included eduroam in their annual presentation. Poses an opportunity to do large scale residential eduroam deployments. Wanted to make sure all are aware of that possibility 
    • Jeff: We just wrapped up statewide cybersecurity conference in Utah. eduroam figures prominently in the conference network, part of a trend we’re seeing in eduroam becoming standard part of conference experience especially for higher ed.
  • No labels