Minutes
Attending: Matthew Brookover, Judith Bush, Janemarie Duh, Heather Flanagan, Eric Goodman, Mary McKee, Steven Premeau, Mark Rank, Keith Wessel
With (Also Starring): David Bantz, IJ Kim, Johnny Lasker, Kevin Morooney, Shannon Roddy, Nicole Roy, David Walker, Albert Wu, Steven Zoppi
Regrets: Les LaCroix, Ann West
Status Updates / Q&A
- T&I and Ops Updates (Ann/Albert/Nicole/Shannon/Dave/Johnny)
- Albert has started posting Baseline Expectations progress on the wiki: https://spaces.at.internet2.edu/display/be.
- A new version of the Federation Manager was deployed this past week.
- International Update & SeamlessAccess Update (also contains Browser Interactions updates)
- A new REFEDS Blog post on the GÉANT Data Protection Code of Conduct was published today (8 April 2021): https://refeds.org/a/2577.
- Working and liaison group updates - including 2021 plan items
- Federation 2.0
- Federation Testing Working Group
- The next CTAB meeting will be a public "office hour" to address questions about Baseline Expectations 2.
- The final IdPaaS report has been approved by Steering. Congratulations to Mary and the rest of the group.
Update on Deployment Profile Next Steps
- Single logout will absolutely be one of the things that breaks in the browser interaction changes as third party cookies go away.
- Keith: Stay tuned next meeting for a draft statement on addressing the Deployment Profile within InCommon.
Possible amendment to Work Plan - do recent discussions mean we want to consider a change in 2021 Work Plan?
- Addition of federation issues into HECVAT
- This will be added to the work plan. Mary McKee, Keith Wessel, Nicole Roy, Mark Rank, and Steve Premeau have volunteered.
- How does the original design of “InCommon” translate/map to today’s/emerging R&E IT landscape, for example:
- Protocols: OIDCre, DIDs
- There are no alternatives right now, but is the future possibility something we want to consider? If yes, how do we make that future happen? Do we support multiple protocol-specific federations? Or do we support one federation that can handle a variety of protocols?
- Protocol agnostic is not the same as supporting multiple protocols
- Fed 2.0 is realizing that we need to support access control, not just identity.
- What's important about federation?
- Perhaps not the protocol. We use SAML, as it's what was available when we created InCommon.
- It's the community trust and understanding of what's communicated.
- This is a conversation we need to have with a larger audience.
- XaaS and how cloud architecture/operation affects federation model and the role of proxies in federation
- Are there other federation models (e.g., hub and spoke) that make more sense to accommodate cloud services?
- This is not just a protocol issue; there are also issues for the trust model, funding, etc.
- Something needs to change, and it’s better to get ahead of the change, rather than having the change break things.
- Keith will get these issues onto the next quarterly meeting of group chairs.
- Protocols: OIDCre, DIDs
(If time available) IdP V3 EOL - do we need to do anything there?
- There wasn’t time.
EMail Updates
International, SeamlessAccess, and Browser Interactions Updates
| Subject: | [TAC-InC] International, SeamlessAccess, and Browser Interactions Updates |
|---|---|
| Date: | Wed, 7 Apr 2021 14:56:38 -0700 |
| From: | Heather Flanagan |
International Update
The REFEDS Baseline work has been approved by the REFEDS SC committee and published on the REFEDS website: https://refeds.org/baseline-expectations
The consultation for eduPersonAnalyticsID has closed, and it's now time for the subcommittee to reconvene and go through the comments received.
If you missed the session last week on the results of the REFEDS 2020 Survey, the survey presentation and results are available on the REFEDS wiki: https://wiki.refeds.org/display/OUT
But wait, there's more! REFEDS has added a blog post about the new entity categories: see https://refeds.org/a/2558
SeamlessAccess Update
The SeamlessAccess UX and Development team is currently focused on working through the feedback and ideas generated during the recent Integrators' Workshop. One solid piece of research, which will be published on the SeamlessAccess documentation wiki, shows that the more options given to the user on how to access material on site, the less likely they are to know what to do. Elsevier, as an example, offers seven different ways fo ra user to potentially get to an article. The UX team is considering how to adjust their recommended practice documentation to discourage this behavior on the part of the SPs; the challenge being that complicated business models often result in complicated user experiences, so it's unclear that a simple recommendation of "show just one thing) will ever work.
The UX team is also considering how to handle IdP signaling and filtering (i.e., how to signal to a user whether a given IdP in a WAYF list will likely work for them or not). There are several parts to making this work, from UX design to back end coding, meaning this work will likely take several months to complete.
These workshops happen quarterly, and the next one is scheduled for 12 July 2021.
Browser Technology Changes
Free virtual OIDF workshop, including a special session with Google regarding the browser interaction work. Registration link: https://openid.net/2021/03/01/registration-open-for-openid-foundation-virtual-workshop-april-29-2021/.
There will also be a longer workshop in May that gets into more gory details and will (hopefully) make progress on hashing out some short term mitigations to the fact that third-party cookies are going to go away. Details on that are TBD (including exact date).
Sam Goto has updated his explainer doc (https://github.com/wicg/WebID) to include a more concrete sense of timelines and sequencing of work, a first exploration on logout (which is one of the more urgent things that will break), a break down of short term solutions (i.e. this year) vs long term solutions (i.e. next year), and a bit more on how people can directly engage to help provide input.
Heather Flanagan — Translator of Geek to Human
https://sphericalcowconsulting.com
Federation 2.0
| Subject: | [TAC-InC] Fed2.0 |
|---|---|
| Date: | Thu, 8 Apr 2021 14:33:58 +0000 |
| From: | Bush,Judith |
The WG reviewed the latest contribution to the report.
For the next call one participant will refactor the new contribution into new sections and the Recommendations section wil have the draft completed.
Once that’s done, the WG will go top-to-bottom through the report to ensure that it reflects the themes and ideas we’ve discussed, all in a reasonable flow. That initially complete draft report will be put through the REFEDS Consultation process. The WG’s final effort will be to take Consultation feedback into account in producing a final version of the report, and to respond to each bit of feedback provided.
judith
Federation Testing WG
| Subject: | [TAC-InC] Federation Testing WG |
|---|---|
| Date: | Thu, 8 Apr 2021 12:45:11 -0400 |
| From: | Janemarie Duh |
Hello,
I am working on wrangling the start-up of the Federation Testing Working Group.
We have a lead on a possible co-chair; the second co-chair will be identified from those who sign up to participate in the group.
The housekeeping of setting up the list, wiki, etc. will happen after a flywheel is identified. Once the scaffolding is in place, I'll announce the group to Participants and other cohorts.
Janemarie