October 30, 2013
12 Noon Eastern, 9AM Pacific, 5PM UK
+1-734-615-7474 (English I2, Please use if you do not pay for Long Distance),
+1-866-411-0013 (English I2, toll free US/Canada Only)
PIN: 0195401 #
- Review Charter Items:
- Establish international interfederation agreements with eduGAIN and UK federation.
- Review documented trust practices and policies for entity registration and publishing.
- Review and adopt the US-EU Code of Conduct concerning attribute release and privacy.
- Review and assist in the implementation of metadata management/publication/aggregation/tagging improvements.
- Establish practices and policies for domestic interfederation for regional, K-12, etc federations.
Warren Anderson, Ian Young, Scott Cantor, Mark Scheibel, Steve Carmody, John Kreinke, Tom Scavo, Paul Caskey
- News regarding US-EU Code of Conduct. Meeting with attorneys regarding legal implications. Talked about whether InCommon is collecting correct information and privacy law information. One interesting point is publishing contact information in metadata - possible PII. Discussed what would be applicable to US-EU interfederation and bilateral agreement with UK. They are interested in technical feasibility as well (which is our job). Given a time-frame of end of November - didn't blink at that. No substantive legal opinions about this yet. Lawyers made aware that this might have broader implications than just interaction with EU and might bring in other nations with worse relationships with US. Steve asks if there was anyone familiar with Safe-Harbor Legislation? Not clear if that's in scope since higher ed and research explicitly exempt. John has looked a clauses of participation agreements that might be relevant and sent them to him.
- We need to review EduGain policy framework and see what technical implications are. Tom Scavo noticed that strict use of attributes to initiate attribute release is not supported by our technical implementation. John notes that there are five documents in the policy framework that could be worked through section by section. Warren supports doing this on this call, Steve agrees.
- Mark leads discussion for regional interfederation. Many smaller entities don't fit InCommon model, often due to lack of resources. Regional federations support K-20, Libraries, Health Care, other state groups. EduGain model or something similar may provide framework for interactions between regionals and inCommon. Some university federations could also benefit from interfederations. Met in Chicago in last month or two to try to define some of the models and issues. Want to establish a pilot project to drive this forward. John adds that there are about six different models that serve various use cases. This is being drafted up. Many of the relationships are imagined to be hierarchical. One registration authority in concept administered at several different locations. Differences with international models are at the level of trust and policy. For international, trust frameworks exist within each federation and need to find ways to align them. Ken Klingenstein working on "Periodical Table of Trust Elements" that define what might be important for various use cases - can use this to define trust relationships internationally. From regional perspective, trust elements might be more common initially.
- Warren asks what are concrete things we can do to move things forward? John thinks that by providing a channel for communications we are serving as important a function as we can at the moment. Mark agrees that this is the most important. Steve suggest that having a group look at creating a best practices document that regionals might follow. Asks if anything exists on that front at the moment? Mark does not know of existing documentation. Suggests that using the InCommon framework might be a good place to start. John is not sure that InCommon should be considered model - points out UC Trust as just a policy framework that is separate from technical implementation. What is the reason for the federation to exist? There are different ideas of what a federation is than what InCommon provides. UC Trust relies on InCommon for technical implementation but establishes trust through it's own mechanisms. Paul points out that UT is opposite - Steve recommends discussing this at ACamp.
- Warren solicits agenda items for upcoming meetings
- Ian discusses announcement of production integration with EduGain. Suspects that there will need to be work to encourage usage after mechanisms in place. UK has extended IdP definition to include idea of registrar. There is a GitHub page to get extensions from. Mark asks which entities in UK Federation metadata are exported to EduGain (just assume that everything imported). Ian answers that export is by opt-in but if you opt-in for one, you opt-in for all exports (same for EduGain as for LIGO, for instance). About 10% or so of EduGain metadata fails tests and is not imported. Working on getting this cleaned up. About 20 entities outbound from UK and 200 inbound from EduGain. This has increased the aggregate metadata size by about 1MB.