September 26, 2019

Attending: Matt Brookover, Matthew Economou, Keith Wessel, Janemarie Duh, Judith Bush, Mike Grady, Eric Goodman, Eric Kool-Brown

With: Dean Woodbeck, David Walker, Les LaCroix, David Bantz, Shannon Roddy, Jessica Coltrin, Albert Wu, IJ Kim, Dave Shafer, Ian Young, Nick Roy, Steve Zoppi


Intellectual Property Reminder - All Internet2 activities are governed by the Internet2 Intellectual Property Framework.

Public Content Notice - TAC minutes are public documents. Please let the TAC and note taker know if you plan to discuss something of a sensitive nature.

T&I and Ops Updates

  • T/I retreat last week in Ann Arbor. Mainly roadmap alignment for 2020 across all division functional areas. At the end, uploaded the metadata signing key to AWS - part of the transition to automated metadata signing and move to MDQ.
  • The alignment work will be visible in Confluence and JIRA and will appear in the wiki, including a dashboard with projects and status updates

International Updates

  • Heather sent a number of items to the TAC email list
  • Janemarie will add the SimpleSAMLPHP WebAuthn plug-in topic to a future TAC agenda

Working Groups and TAC/CTAB/CACTI Collaboration Updates

OIDC Deployment - Jessica has been in contact with Nathan and working on a time to discuss the closing of the working group

REFEDS Federation 2.0 - Still engaging with stories and implications - to be discussed next week. Next step is to develop strategies.

IdP as a Service - The WG has parsed the survey results and have begun publishing material on the wiki.

CACTI - Had a long discussion about integration issues with the wider communities that use federated identity. Some talk about evangelism to integrators and developers to build better support for federation (such as sharing and discussing SAML2int). Also discussed KeyCloak (an open source software product to allow single sign-on with Identity Management and Access Management aimed at modern applications and services).

CTAB - No update

2020 TAC Membership 

  • There are four open slots, including the three current members with terms ending this year. 
  • Outgoing members, please reply to Janemarie about your intent to continue (or not) by September 30
  • Jessica is coordinating a central notice for nominations to all advisory groups
  • Janemarie has drafted information about potential expertise that might be of interest to TAC

Microsoft ADFS Patch 

A recent ADFS patch has the unintentional consequence of preventing ingestion of signed XML metadata. This may affect a small number of IdPs in InCommon and eduGAIN. This is not considered to be an emergency, but things could break for the affected organizations. InCommon staff have updated the appropriate wiki pages with this information. The consensus was that, as vendor software, InCommon was not responsible for official notification to Participants.

Current Work Items

Janemarie referred TAC members to the 2019 work items and the status of each. These include:

  • IdPaaS (in progress)
  • Incentivize adoption of best practices through badging sub group (in progress)
  • Address new TAC member onboarding and communication gaps (soon to be on deck - Jessica and Janemarie)

2020 Work Items 

(AI) TAC members should review the 2020 work plan and make comments or propose additional items. In addition, please keep these work items in mind as we recruit TAC members for terms starting January 1. Current items include:

  • Deployment Profile WG 2.0 (create an R&E specific profile to layer on top of SAML2int)
  • Test Federation (convene a working group in early 2020 to gather requirements)
  • CIC cookbook refresh
  • Possible additional item - standardizing how we talk to vendors about federation

Next meeting

  • Demo of Federation Manager and wireframes Albert has developed for separate signing and encryption keys.

Next Call October 10

1 pm ET / Noon CT / 11 am MT / 10 am PT

  • No labels