Attending: Judith Bush, Janemarie Duh, Mark Rank (first half), David Bantz, Eric Goodman, Heather Flanagan, Matthew Brookover, Mary McKee, Eric Kool-Brown, Keith Wessel, Les LaCroix
With: David Walker, Nick Roy, Albert Wu, Steve Zoppi, Shannon Roddy, Jessica Fink
Scribe: Nick Roy, Albert Wu
Intellectual Property Reminder - All Internet2 activities are governed by the Internet2 Intellectual Property Framework.
Public Content Notice - TAC minutes are public documents. Please let the TAC and note taker know if you plan to discuss something of a sensitive nature.
Working through changing GitHub branch naming to use more culturally sensitive terms (changing master to main). This is proving to be challenging due to default assumptions in systems. Continuing to work on making progress.
Working on contact name change, as well as encryption (CBC/GCM) support in FM. Working on a plan to make a gradual change for both of these. Here's a summary of the current thinking:
- We introduce the change to contact format to use the mailto: scheme for all new and updated metadata, and for SPs to default to CBC encryption in metadata for all new and updated metadata. We send a communication at least a week in advance to let people know that this stuff already exists in metadata because it’s imported from eduGAIN; we’re just now going to slowly introduce it into InCommon participants’ metadata. Give them a timeframe for the slow rollout, and a timeframe for the bulk update.
- Wait and see: Monitor the situation for a month and field reports of issues
- Adjust schedule/comms as needed
- When ready, announce and run the bulk update for mailto:
- When ready, announce and run the bulk update for CBC/GCM (default all SPs to CBC support)
BaseCAMP was a big success.
International and SeamlessAccess updates
The eduPersonAffiliation subcommittee of the REFEDS Schema Editorial Board met earlier this week to discuss whether it is possible to come up with a global definition for an affiliation of “researcher”. The tentative conclusion of that discussion is that this group is not the right body to create that definition, and will instead recommend the use of a locally defined entitlement (where local may be at the federation level, the research collaboration level, or the institution level) that would allow definitions more appropriate to the given use case. If, over time, we see a commonality in the local definitions, we may revisit whether a global definition is possible. Notes from the meetings are available here: https://wiki.refeds.org/display/STAN/eduPersonAffiliation+subcommittee
Given the generally slow time of the northern hemisphere’s summer, other work including the R&S v2 effort is on hold until September 2020.
The consultation period for the three proposed attribute release entity categories continues through August 31, 2020. Information on the consultations is available on the REFEDS Consultation page: https://wiki.refeds.org/display/CON/Consultations+Home. If you have not registered for NISO’s webinar on 10 August 2020, please do so: http://www.niso.org/events/2020/08/seamless-access-presents-entity-categories-and-attribute-bundles.
Now that the entity category work is in consultation, a new working group is spinning up to discuss how these entity categories can be used in contracts with publishers (though this information may be applied more broadly) to clearly describe what kind of information may be released to the SP.
Last but not least for the SeamlessAccess update - Elsevier, via their ScienceDirect platform, has rolled out their implementation of SeamlessAccess. Users who try to access specific articles will see the SeamlessAccess button and enjoy the pre-population of that button via the SA persistence service. See https://seamlessaccess.org/posts/2020-07-28-sciencedirect/ for more information.
The browser vendors are expected to be responsive to the issue of third-party tracking. Unfortunately, their work to deal with this has some significant implications for identity flows through the browser. The good news is that the browser vendors are still in the early stages of figuring out exactly what they want to do. That allows the broader IAM community to engage in the conversation and ensure that all the major use cases are considered. Discussion on this topic has, at least in part, moved into the W3C’s Web Incubator Community Group through Google’s webID project (https://github.com/WICG/WebID). While the webID developers have, to date, focused solely on the consumer space, issues have been raised to highlight enterprise SSO and academic federation requirements. It’s worth noting that the WICG attracts web API developers; additional expertise will almost certainly be needed in the privacy space and standards development. If you have any interest in this work, W3C community groups are free to join, and your voice would be a big help in making sure we are a part of what happens in this space.
NIST 800-63C review
- Subgroup (Tom/Heather/Matthew E/Janemarie/Albert/Ann) is working on a response based on Tom Barton’s response via Kantara.
- Albert working on drafting response based on discussion thus far
- Meeting again next Wednesday at 3PM ET
Subject Identifier doc review
- Good progress. Albert will polish up sections we’ve discussed. We will come back to Strategy for Adopting SAML2 Subject Identifiers and Service Providers: Strategy for Dealing with Identifiers, and Handling Identifiers in SAML.
- Next Steps:
  - Do more wordsmithing offline
  - Albert will create a separate document for the strategies
  - Summary for Steering will need to be queued up soon, but not until we’re further along
  - At some time we will want to create another document on why we are doing this and the repercussions of the work
Test Federation WG charter
- The group took a quick, high-level look at this
- Careful not to include implementation details in the charter; this is the work of the WG. The intention in drafting this was to be as high level as they could.
- Next steps:
  - Review in more detail and discuss the comments