Thursday, January 17, 2019
Action Items from Last Call
- (AI) Albert will provide a written report regarding InCommon staff responses to recommendations from the Attributes for Collaboration and Federation WG and the Streamlining SP Onboarding WG.
- (AI) Eric Goodman will share the RFP that UCOP used in developing an SP Proxy service as a way to start development of a charter for a working group.
Attending: Keith Wessel, Janemarie Duh, Matthew Economou, Mary McKee, Jessica Coltrin, Eric Kool-Brown, Matt Brookover, Heather Flanagan, Mike Grady, Judith Bush, Eric Goodman, Heather Flanagan
With: Albert Wu, David Walker, Dean Woodbeck, Nick Roy, James Babb, Dave Shafer, Ian Young, IJ Kim, Shannon Roddy,
Intellectual Property Reminder - All Internet2 activities are governed by the Internet2 Intellectual Property Framework
Public Content Notice - TAC minutes are public documents, please let the TAC and note taker know if you plan to discuss something of a sensitive.
(AI) TAC members review Eric’s SP proxy background document, add any technical requirements or use cases, to provide a basis for a charter.
Baseline Expectations update
91% of organizations meet BE
95% of IDP meet BE
96% of SPs meet BE
CTAB to kick off stage 3 of Dispute Resolution Process - moving orgs not meeting BE into Dispute Resolution Dockets (70 out of 757 orgs remaining)
Proposed InCommon Fee Change
Kevin Morooney, Sean Reynolds, and Ted Hanss led a webinar yesterday outling the need for an InCommon fee change to operate and enhance the federation and continue the software development work started by TIER. Background information, including the webinar recording and slides, are on the wiki: https://spaces.at.internet2.edu/x/DQJ0C
MDQ and FM updates
This will be the topic of the IAM Online on January 23 (2 pm ET). We will likely ask those that have been using the Beta per-entity service to move to the new service. A launch to all is anticipated for June.
As of next Tuesday, Ops is implementing automated metadata approval to ease the load on the RA. This also puts us in a position to allow people to self-assert things like R&S.
Schema discussion going on at REFEDS. Also establishing a schema board - recommendations are welcome.
Personal identifiers conference is next week (PIDapalooza). Heather will attend to determine if this should be on our radar in Dublin (Ireland).
REFEDS steering committee will have some turnover with the beginning of the year.
APAN is coming up.
RA21 governance planning group is meeting at the end of TIIME in Vienna.
Professional development organization, IDPro (idpro.org) incubated in Kantara. Now focused on enterprise and commercial; needs some R&S experience.
Working Group Updates
- OIDC Deployment - Planning to concentrate on recommendations for the deployment of the Shib plugin.
- Deployment Profile - in the nit-picking phase. After that, will be some clean-up work and passing this on to Kantara and creating a final report. Estimate for close-out is end of January.
- REFEDS Federation 2.0
- First meeting on Wed January 23 10 am Eastern
- Every 2 weeks from 10am to 11am on Wednesday Eastern Time, https://internet2.zoom.us/j/8853848902, Meeting ID: 885 384 8902
- Federation 2.0 Mailing List: https://lists.refeds.org/sympa/info/federation2
- Tom Barton is looking at funding for a facilitator for the scenario planning. First step will be thinking about what is changing on the landscape.
2019 Working Group Planning
Reference: Guidelines for sponsors and flywheels
IdP as a Service Working Group
Have a draft charter.
Need a TAC sponsor (role is to recruit co-chairs, then keep tabs on the WG progress and serve as a resource for the co-chairs). Mary McKee volunteered.
SP Proxy Working Group
Eric Goodman provided a background document based on work done at UC, developed to address use cases seen in the UC system.
Jim Basney's blog post on proxies: https://refeds.org/a/2128
Discussion about whether this is SP proxy, IdP proxy, or SAML proxy
(AI) TAC members review Eric’s document, add any technical requirements or use cases, to provide a basis for a charter.
Should this be a TAC sub-group at this point, rather than a WG? (OIDC example - did a survey to help figure out the goals of the group, then created the WG)
Useful chatter in the meeting chat:
From Matthew X. Economou to Everyone: (10:41 AM)
As an aside, I know of an organization that plans to use a SAML proxy to make their IdP look like a normal InCommon IdP. They don't want to lose the investments they've made in their existing IAM services, but at the same time they recognize the need to better integrate with the federation (something their IdP software can't do).
From David Walker to Everyone: (10:45 AM)
What they are doing is analogous to what I described for SP proxies/shims. They are deploying an IdP that happens to have other IdPs as internal components.
From Matthew X. Economou to Everyone: (10:46 AM)
Continue this discussion on the email list
Eric G is willing to modify his document based on this feedback
These two WGs plus the WGs already in flight would be the work for the first part of 2019.
FIM4R Report Response
Chris Phillips, as chair of CACTI, has shared a response to the FIM4R report. The focus is on collaboration as a service; the response looks at how InCommon (and Internet2 Trust and Identity overall) fare with the report’s recommendations. Overall the recommendations are:
Increase focus on sustainability
Improve trust and identity governance with research representation at all levels
The group writing the report meets tomorrow and may wrap up its work then, but any last-minute comments could be made before that time.