Minutes - February 1, 2018
Attending: Judith Bush, Eric Kool-Brown, Mark Scheible, Matt Brookover, Heather Flanagan, Keith Wessel, Mike Grady, Eric Goodman
With: Nick Roy, David Walker, Dean Woodbeck, Ian Young, Dave Shafer, Steve Zoppi, Kevin Morooney, Ann West, Shannon Roddy
Regrets: Janemarie Duh
NOTE WELL: All Internet2 activities are governed by the Internet2 Intellectual Property Framework
ROBOT update - InCommon Ops identified three vulnerable IdPs in InCommon metadata. All three were contacted and made the fix prior to the Shibboleth Consortium announcing the vulnerability.
TLS support for metadata downloads was announced yesterday.
FM release v3.2.1 - Dave Shafer reviewed this release, which consists mainly of changes that the user will not see directly.
The Metadata Aggregator v8 will be released Feb 28. This release will incorporate a new rule framework for validating scopes, permitting regular expression scopes but validating them. It also catches issues with some problematic scopes.
Updated FM roadmap - the 2018 roadmap is nearly ready for public consumption.
Trust and Identity Updates
Continuing work on FM, moving operations to the cloud
Metadata health checks coming
Working on community consensus process with CTAB
Updating PA and FOPP to remove references to POP and replace it with Baseline
Working on two dispute resolution processes: one involving community-community disputes and another for community-InCommon disputes. Staff are also looking at how InCommon is meeting Baseline Expectations.
Working Group Updates
Attributes for Collaboration and Federation WG - Mark Scheible - Members of the group are contacting IdP operators to gather information about why they don’t release R&S. The group also conducted a survey along that same line.
OIDC WG - Eric Kool-Brown - Nathan Dors, the WG chair, produced a roadmap with work streams and timelines. The group is also developing a template to survey for deployments.
SP Onboarding WG - Judith Bush - The group is looking at the current SAMLint work.
Deployment Profile WG - Keith Wessel - The WG is closing in on completing the SAMLint work. They are also identifying issues that might be addressed by a follow-on group.
Mark summarized accomplishments from previous TAC roadmaps and discussed the potential for 2018.
2017 TAC accomplishments
Increased transparency - minutes, membership process, nomination process, wiki pages
New working groups and participation of new TAC members in them
Successfully recruiting more diverse TAC members
2016 TAC accomplishments
Results of OIDC survey which suggested the chartering of the OIDC implementation WG
InCommon Per-Entity Metadata WG
Implementation Profile WG (which resulted in https://kantarainitiative.github.io/SAMLprofiles/fedinterop.html) - also led to the current Deployment Profile WG
The charter may need to be revised, given the new Trust and Identity governance/advisory structure
A revised or new mission statement may also be necessary, based on the current environment and projects, particularly related to research and collaboration. It may be helpful to have Tom Barton speak to TAC about these efforts. In addition, with the expansion of staff, Internet2/InCommon employees can now focus on many issues that TAC used to handle, as do the CTAB and Ops Advisory Group.
Kevin reported that four groups have all had the same conversation independently: management, TAC, PAG, and CACTI. They are all discussing developing priorities and/or work plans for 2018 and beyond. Kevin is piecing these together and anticipates a task force that will help compile and correlate these and help set a direction for the future.
Suggested areas of focus for 2018
Need to pull Tom Barton back in as a subject matter expert in this area, as well as security?
Supporting Academic Collaboration
Re-engaging the libraries, including developing materials to educate them about federation and attributes and the relationship with privacy. Heather discussed the RA21 and provided a couple of relevant blog posts:
Mark pointed to work that was done a number of years ago concerning InCommon Working Groups that included libraries: https://spaces.at.internet2.edu/display/inclibrary
Security - What are the expectations for software and of InCommon Participants (given that we have now embarked on Baseline and a community consensus and dispute resolution process)?
Note: Mark has asked Brett Bieber to talk to TAC about Baseline Expectations (BE), where we are as a community in meeting BE, and CTAB goals/roadmap - scheduled for March 1st TAC meeting.