Thursday, September 14, 2017
Action Items from Past Meetings
(AI) TAC members read the thread “documenting integrations” on the TAC email list.
Attending: Tom Mitchell, Janemarie Duh, Tom Barton, Mike Grady, Mark Scheible, Steve Carmody, Keith Wessel, Eric Goodman, Chris Misra
With: Ian Young, David Walker, Dean Woodbeck, Ann West, Nick Roy, Dave Shafer, Shannon Roddy
(AI) TAC members review the Development Profile WG proposal to OASIS: https://wiki.oasis-open.org/security/SAMLSubjectIDAttr
(AI) Mark Scheible will send a letter (on Sept. 15) concerning nominations to be sent to TAC members with terms expiring at the end of 2017
New version of the FM shipping Tuesday. Plan is to eventually containerize the FM environment. Major feature - new dashboard for site admins, making it easier to view/update/submit metadata. Link to the FM roadmap.
Nick has received a question about when InC will support SIRTFI in production, which depends on having good security contacts to metadata, which is part of Baseline Expectations
There is a technical meeting planned for the end of September to plan for the per-entity project - the intent is to wrap up planning by TechEx, with work on the service accelerating after that
Trust and Identity Updates
Links to some key resources:
Current InCommon Projects
SSO/MFA for the Certificate Manager is now in pilot
Planning is underway on implementing Baseline Expectations. Nick has produced a gap document to demonstrate the current state of affairs vs. the expectations. In addition, two items have been specifically identified as “in need of guidance” - privacy policies and logos. The AAC is planning to provide guidance.
Those with proposals accepted for the Campus Success Program will be notified next week. Fun fact: the most-requested training is in the operations environment (mainly Docker)
TIER investors receive a quarterly report on the program.
Updates on Working Group Formation
Deployment Profile - WG is operating. Looking for feedback (particularly from REFEDS) on an OASIS proposal for identifiers. TAC - please review and provide feedback.
Onboarding SPs - Had an initial call with the co-chairs this week and developed proposed dates/times for calls and will poll the email list.
Attributes for Collaboration in Federation - Have pared down the participant roles that will participate. Will primarily come from Steering, TAC, AAC, a few CIOs, and Internet2 staff to try to understand why attributes are not being released potential solutions. AACRAO already has a group spun up on this topic - there will likely be some opportunities for cross-pollination.
OIDC Implementation - First call is Friday, Sept. 22 (10 am ET) - will use that call to identify a chair.
We are overdue on getting messages out to current TAC members with expiring terms (e.g. Tom Barton, Steve Carmody, Walter Hoehn, Jim Jokl, Chris Misra). Mark plans to send that Sept. 15.
A thread on the TAC email list started a discussion about whether to organize an effort to document integrations with large and/or key services (Banner came up as an example, along with a suggestion to develop a list of 20 popular services and documenting integration paths with each). The downside is that we could expend considerable resources on non-participants. The TAC discussion centered on whether to focus on these large services which are not InCommon participants, but which may be of interest/help to our community. Another approach would be to focus efforts and resources on research, scholarly, and collaboration services that are InCommon participants (or are likely candidates for participation).
While the large majority of campus traffic goes to the large services (like Banner), our niche is in the research/scholarship/collaboration area, as well as cross-campus applications (particularly with multi-campus systems). It would be helpful to have success stories and case studies from the latter to publish and share.
There are a couple of relevant pages on the InCommon website:
The case studies are all old and need to be updated. There is also a need for developing value propositions for the target areas mentioned above and, in particular in regards to research organizations.