Friday, May 10, 11am-12:30pm ET


Attendees:

Brett Bieber - Nebraska

Jeff Egly - UETN

Nadim El-Khoury - Springfield College

Derek Eiler - NSHE/SCS

Rob Gorrell - UNCG

Kendra Ard - CSU

Kevin Hickey - UD-M (Liaison from CACTI/Vice chair of CACTI)

Margaret Cullen - Painless Security (Chair of CACTI)

Saira Hasnain - UF

Mike Dickson - UMass Amherst

With:

Nicole Roy, Steve Zoppi, Kevin Morooney, Tom Barton, Albert Wu, Sara Jeanes, Mike Zawacki, Ann West

Regrets:

Josh Howlett

Agenda

  • Intellectual Property Reminder - All Internet2 activities are governed by the Internet2 Intellectual Property Framework 
  • Public Content Notice - eAC minutes are public documents. Please let the eAC and note taker know if you plan to discuss something of a sensitive nature.
  • Agenda bash
    • See KevinM’s items below re: reporting change and not rolling off members
  • Approval of last meeting’s minutes
  • BE for eduroam (Brett, Margaret, Sara with special guest TomB) 
    • eAC to consult with CTAB on InCommon Federation BE effort, get guidance on this effort
      • Brett: Also would like to consider how we could work more closely and coordinate with CTAB. 
    • How to scope this effort, outstanding questions
      • What are compliance requirements
        • How to measure compliance 
        • What is the timeline for this?
      • How to handle non-compliance, dispute resolution
      • Any contractual needs? 
      • Are there impacts/needs with regard to international eduroam community?
    • Tom: Couple of other points to add - there were two additional problems that we confronted. 
      • Compliance with additional federal regulations on identity management/security
      • Staff turnover within the community, which impacted functioning and overall value of the federation as a whole, could drive away participants. 
    • Tom: Also worth noting that the community was heavily involved in driving requirements and compliance efforts. Buy-in from them was central to our efforts. User experience was a key consideration as well. Think about what a more punitive approach would have on overall participation (honey vs vinegar) 
      • Derek: Once we form up requirements and go into ‘enforcement’ mode should keep in mind that we will likely lose participants. Saw that in InCommon and will see it here too
      • Tom: Keeping requirements “baseline” helps - they should be achievable by every participant. Obviously there’s a greater spread in technical capabilities here compared to InCommon. There are no pizza shops in InCommon, for example. So think about how to stage expectations, have easier phases first, etc. 
      • Albert: In thinking about BE for eduroam, think about the minimum needed to provide the security which allows all participants to trust each other, feel safe about using the service. To the point of losing participants we’ve found that nobody left because we were asking them to change the way they operate but rather because we were engaging with organizations that had stopped using the service (especially where there was staff turnover and the incoming staff didn’t know what the federation was, or that they were even participating in it). So it was more house cleaning than anything else. 
    • Nicole: Wanted to mention the eduroam case is slightly different from InCommon in that the eduroam US service is in the middle of every single authentication, whereas InCommon participants manage more of their own authentication. Need to think about the impacts of a single eduroam entity on the national infrastructure - much more of an issue here. 
    • Brett: Also provides us with the ability to more directly monitor and metric eduroam in the US. I think measurement is key to our efforts in a BE for eduroam. There are risky behaviors out there right now that the community needs to be aware of. Consider how the different risk tolerance of each participant in eduroam can impact every other participant. eAC also needs to keep in mind the the differing requirements for IdPs, SPs, and the NRO. Each needs to be addressed, including requirements for Internet2 as the NRO. 
    • Rob: Another difference is those three roles might not be as far removed from each other than they are in InCommon’s federation. 
    • Margaret: For each of those roles should also consider security and operational requirements. 
    • Brett: Next steps? 
      • Brett: Get BE working group formed up. Come up with volunteers and cadence (suggest bi-weekly at first). 
        • Identify technical requirements for participants and for I2. Margaret’s and Josh’s assistance would be appreciated. 
        • Also want to think about requirements from user experience standpoint. 
        • Needs and approaches for communication out to the community. Include a statement for the community of why we need to do this. 
      • Ann: WRT dispute resolution, we relied on community to report issues/request assistance. There was a community group that would look into and resolve any issues. Federation approaches and policy could be leveraged here
      • Brett: Propose having this be a standing item for this committee’s agenda
      • Working group volunteers
        • Rob Gorrell
        • Nadim El-Khoury
        • Brett Bieber
        • Derek
      • AI MikeZ: Send out scheduling poll for BE Working Group calls
  • Updates on WGs (MikeD, Saira)
    • Cloud WG (MikeD, Amel, Rob, Derek)
      • MikeD: Discussed approach for getting 3rd party vendors involved in requirements forming. A lot of unknowns for the group where they could help us with that forming process, both in technical considerations and in business requirements. . Group feels that automation should come later - the process of managing hosted subscribers should be manual in first phase. Folding eduroam into apps on vendor platforms is another point of consideration.
      • Next steps for the group
        • Put together a call with WG members and Tom Rixom, Tim Capalli, and Josh Howlett. We would present the overview of our thoughts and proposed approaches to collect their feedback. 
        • Brett: That sounds like a good approach. 
    • Desk of eAC WG (Saira, Brett, Nadim)
      • Brett: Good success with first article. Second article will be drafted by Nadim
        • Nadim: Agreed. I’ll be sharing a draft with group within the next week. 
      • Brett: We might also want to cover BE for eduroam as an upcoming article. Good opportunity do some initial engagement with community. 
  • eduroam Support Organizations Update (provide as pre-read)
    • CEN
      • Steady state operations - no major updates from last month
    • Link Oregon
      • Continuing work with pilot ESDs, working on recruitment efforts with additional schools and districts
    • Network Nebraska
      • Brought on Catholic school system in Lincoln (about 30 schools total). Cox Communications is finalizing deployment of public hotspots throughout the Omaha metro area. Network Nebraska staff gave presentations for CENIC, The Learning Network of Minnesota, and is slated to present at WiscNet’s member meeting this month. 
    • NSHE
      • Published updated program page for Nevada constituents. Looking at hosting a workshop to assist some of our rural districts with setting up eduroam. Also had an interesting deployment for a gifted student school that’s co-located on UNR’s campus - unique cross institutional considerations. 
    • The Sun Corridor Network
      • Working on internal deployment of eduroam. In discussion with Maricopa county on public hotspots and schools and Vale district schools. Adding new staff to eduroam team, gearing up for a bigger push on the project. 
    • UETN
      • Working with ISP Centracom on public deployments of eduroam. Transitioning eSO work from project model to program model. 
    • Washington K20 Network
      • Started working with pilot districts to add new schools. Also identifying single schools outside districts to work with next. Planning to begin work on marketing materials to promote eduroam within our constituent community
    • TDI Pilot (North Carolina)
      • 200+ program participants, increased eligible population to 1700 with addition of 4th school. Our fiber-to-the-home ISP Lumos is to be acquired by T-mobile. Adoption rates continue to be slow, apprehension of the community “too good to be true”. Efforts focused on direct marketing and reaching trusted community partners outside the school system to enforce the program is real and not a scam.
        • Jeff: Will that acquisition by T-mobile impact the project? 
          • Rob: Too early to say - waiting to hear from new leadership 
    • Update on next cohort (Mike, Sara)
  • Change in eAC reporting relationship, roll-off changes (Kevin, Brett) 
    • All members of advisory committees are being ask to suspend roll off of members whose terms end this year. The ask is to remain on for one additional year during the community work that will grow out of the Futures2 project
    • The eAC will be moved out from under CACTI and under InCommon Steering. Aligns with discussions between Steering and CACTI. Feeling is that eduroam is a service which touches more than CACTI’s area of responsibility. 
      • Derek: What does this achieve?
      • Kevin: Brings work of this committee closer to Steering, provides more direct engagement and coordination with community leadership and I2 leadership. Also removes a burden from CACTI, but in terms of practical effects from the eAC’s view it won’t change much. 
      • Brett: My experience in working with a committee that reported directly with Steering (CTAB) was that there is more face time/direct work with community leadership. Also frequently have cross attendance of each others’ meetings. 
      • Margaret: CACTI fully supports this move, but would also like it if we could maintain liaisons with each others’ committees (as we do with CTAB and TAC). Having a direct working relationship is helpful to us as there are sometimes eduroam related/adjacent topics that come up. 
        • Brett: I’m supportive of that as well. Jeff and I are interested in continuing that working relationship. 
        • Rob: Agree with everything that’s been said. As the liaison with CACTI I find the eduroam discussions that happen in that body have a lot of similarities to some of the topics the eAC addresses. Having that cross pollination is helpful in both directions, imho. 
      • Brett: Also to Derek’s point, I see this as a recognition of the work we’ve done and the value to InCommon 
    • Link to recording of webinar on Futures2 outcomes 
  • Next meeting
    • Normally scheduled for June 7, 11am-12:30pm ET
    • Conflicts with BaseCAMP
    • Move to Friday June 14?
      • No objections. MikeZ to update calendar invite 
  • AOB?
  • No labels