Action Items from Past Meetings
(All) Please review the “reflections” document , which will kick off a discussion of direction and priorities next month.
Action Items from January 18, 2018
(AI) Shannon will follow-up with REN-ISAC on communications regarding the ROBOT attack
(AI) Dean will submit a TAC meeting request for the Global Summit.
(AI) TAC members - review the documents related to past TAC roadmaps and work plans (see links below), with an eye toward any topics that may require a WG.
Attending: Mark Scheible, Janemarie Duh, Judith Bush, Matt Brookover, Eric Goodman, Kim Milford, Eric Kool-Brown, Heather Flanagan, Keith Wessel, Tom Demeranville, Mike Grady, Albert Wu
With: Ian Young, Dean Woodbeck, David Walker, Nick Roy, Dave Shafer, Shannon Roddy, Garrett King, IJ Kim
The next Federation Manager release should hit production next week.
We are preparing to run the first set of tests for Baseline Expectations. Dean and Tom Barton have a plan for the first round of communications to admins and execs about the quality of metadata. Initially this will be a manual process, but will become automated
Shannon updated the group on a few security issues. Most pertinent is an attack called ROBOT (https://robotattack.org/). He has identified three IdPs that are vulnerable and has communicated with them. There is no evidence that this has been exploited. Shannon shared the information with REN-ISAC and (AI) he will follow up with Doug Pearson at REN-ISAC on that.
Trust and Identity Update
With the Internet2 reorganization, several former NET+ staff members have joined the trust/identity group. They will continue with their NET+ responsibilities, but we now have some additional expertise in trust and identity.
Working Group Updates
Attributes for Federation WG - Members of the working group are contacting some IdPs that have been identified as having researchers that could benefit from R&S, but the IdP is not releasing the attributes for their organization. WG members will ask questions about R&S, with a focus on why the institutions are not releasing the attributes, to see if there are common reasons or blockers.
Deployment Profile WG - Keith Wessel reported that the group is reviewing its proposed edits to SAML2int and will then move to a community feedback phase. This is a precursor to the work that the WG is chartered to do. Expect to have something to point to in a couple of weeks.
OIDC/OAuth Deployment WG - Eric Kool-Brown reported that the WG is looking to put together some deployment use cases and is in the early phases of gathering that information. They are also soliciting presentations from anyone who has deployed this technology.
Streamlining SP Onboarding WG
Garrett King joined the meeting (co-chair of the SP Onboarding WG). This working group grew out of a “making Shib IdP easier” concern. One large problem is IdPs being expected to guide SPs that are unfamiliar with Shib through the installation and configuration of the software. The WG is looking to develop some guidance and clarify what it means to be part of a federation (particularly for SPs). They are looking at interoperability standards and ways to reduce the burden on IdPs.
The Big Ten Academic Alliance cloud services cookbook is a starting point. The WG is also reviewing information on the wiki. They plan to document a common technical vocabulary, standardize existing information, and gather relevant documents in one place. The WG has committed to at least two documents - one that would serve as a primer, and one that would document criteria.
Heather Flanagan has contacted library SPs to generate interest in participating in the WG. Judith Bush said she plans to participate, as well.
Global Summit F2F
There was discussion about whether to hold a TAC face-to-face at the Global Summit in May. There does not appear to be critical mass, but (AI) Dean will submit a request for a working meeting, just in case.
After the last meeting, Mark provided some links to past roadmaps and work plans.
Internet2 T&I Orgs & Advisory - DRAFT (under development)
Dean provided a five-minute overview of how TAC has evolved over the last 10 years or so. Mark did a quick review of the other advisory groups in Trust/Identity and how they fit together. (Internet2 T&I Orgs & Advisory - DRAFT)
(AI) TAC members - review the documents noted above. Are there topics that need new WGs spun-up? Look at existing WGs - are there things that TAC can provide that will help them be successful.