InC-Library Collaboration Minutes, June 12, 2009
Attending
Steve Carmody, Brown University (chair)
Lynn Garrison, Penn State University
Thomas Howell, Northwestern University
Andy Ingham, University of North Carolina
Dave Kennedy, Duke University
John Kiser, University of Pennsylvania
Kent Percival, University of Guelph
Mark Scheible, North Carolina State University
Heather Townes White, University of Saskatchewan
Foster Zhang, Johns Hopkins University
Dean Woodbeck, Internet2 (scribe)
Vendor Subgroup Report
The vendor subgroup is collecting information from vendors to create a registry and get a sense of how they provide seamless solutions, as well as to look at the commonalities and differences of their solutions. The goal is to come up with recommended practices. The subgroup plans to invite some vendors to the weekly discussions to get their perspective on what it takes to implement seamless access. The subgroup is initially targeting vendors that are already InCommon members and/or are Shib-enabled.
Use Case Subgroup Report
The use case subgroup has organized the use cases provided by InC-Library participants, focusing on those that are vendor-specific. The group initially sorted the use cases by vendor and developed a lit of detailed categories. Since then, however, it was decided to develop more general categories for the use cases.
Part of this strategy is the recognition that some institutions will be more advanced in their uses, having already implemented EZProxy and using multiple applications; while others will be looking for how-to, basic uses cases. There will be three categories: basic use cases, vendor-specific use cases, and site-specific use cases. The subgroup will also develop a template to provide more consistency in describing use cases.
The subgroup has discussed other specific situations (library walk-ins, for example), and the idea that moving beyond location-based authentication is critical with the growth in wireless and remote access demands.
Next steps are to reorganize the wiki into the new use case categories and create the use case template.
Feedback on Subgroup Approach
The general feeling is the subgroup approach is working well, allowing concrete work and results. As a result, the next four weeks will again be devoted to subgroup calls (although one of those dates falls on July 3, when the subgroups will likely not meet). The large group will reconvene again on July 17.
There was also interest expressed in developing a body of instructions on doing the basics in the library space. The information probably exists, but is scattered and not well organized.
Google Wave/OpenID
There was a discussion about the new Google Wave, billed as a new open-source communication and collaboration tool that seems to adhere to the OpenID standard. Should we be looking at this as a specialized use case?
Steve Carmody said that there are documents about Google Wave in circulation and some people involved with the Internet2 Middleware Initiative are keeping up on the process and progress. There is, for example, a significant mention about support for federated access, but I2 is trying to discover what that really means. There are active conversations underway with people at Google and we hope to have a better sense of the various protocols and framework in next month or so.
Kent mentioned he has had discussions with people at Canadian libraries who are interested in using OpenID as an alternative authentication process. Understanding where OpenID fits with the Shib environment would be a useful discussion in the library community. If, for example, walk-in patrons have an OpenID, should they be able to access resources? That goes to supporting OpenID in the Shib environment, as well.
Steve said the Shibboleth project has hired someone to add openID support to the Shib code base. He said that discussions with the U.S. government has shifted to talking about certified vs. non-certified identities. There is less concern about the protocol used to assert an identity; more important is the level of assurance that can be associated with an identity. By January 2010, we expect a version of Shib will allow an IdP to use openID protocols to assert a certified identity. There are also explorations of sites configuring their Shib IdP to allow a user to authenticate with an openID value that is linked to an existing identity within the IdP.
Kent said that this ties back to the use cases concerning walk-in traffic. We might encourage people outside of the university community to get an openID to access campus resources that might be available. This raises a question about what an SP might accept, in terms of assurances attached to those IDs.
This might be a good use case for the subgroup to add, waiting, however, until they have addressed the uses cases identified thus far.
Next Meetings - The subgroups will meet June 19, June 26, and July 10. The full InC-Library group will meet July 17.