Minutes

Attending: Matthew Brookover, Judith Bush, Janemarie Duh, Matthew Economou, Heather Flanagan, Eric Goodman, Mary McKee, Steven Premeau, Mark Rank, Keith Wessel

With (Also Starring): David Bantz, Johnny Lasker, Kevin Morooney, Nicole Roy, David Walker, Ann West, Albert Wu, Steve Zoppi

Regrets:

Status Updates - Q&A

Officer Election / Member Election outcome

  • Results are officially in for new members and officers. The winners will be informed, and a public announcement will be made after approval by Steering.

IdP Discovery Recommendations

2022 Work Plan brainstorming

  • https://docs.google.com/document/d/198NXwKaVIBlsldY_3BH8iboMJ8eSK2hbyftWKXIPcQA/edit
  • Next year is likely to be similar to this year.
    • We should have discovery completed this year, so it can be removed for 2022.
    • Browser issues will continue for a long time, but we should keep it on the list to monitor what's being done.
      • Heather estimates SAML federations will be OK for, say, 24 months, since the current major impact is on Single Log Out, which few people use.
    • We have a continuing responsibility for HECVAT. Should we add it at least as an annual check-in?
      • An annual check-in aligns with conversations Kevin has had with HECVAT leadership.
      • HECVAT will be added to the 2022 work plan for an annual check-in.

IdP Migration Best Practices / SP Use of IdP Entity ID

  • Discussion - IdP Migration Best Practices
  • Some time ago, EDUCAUSE reported IdPs changing their entityIDs. This has always been (and continues to be) an ongoing issue.
  • We have pretty strong language saying institutions should not change their IdP's entityID, but it still happens.
  • This touches on some of the issues the WAYF Entry Disambiguation WG is considering. There is a white paper that could be a model for presenting this “changing entityID” issue.
  • The deployment profile stresses that a customer may have more than one IdP. This represents many library use cases.
  • IdPaaS providers see this. Some (Cirrus) allow customers to keep their entityIDs, but not all.
  • There are scenarios where changing an IdP’s entityID makes sense. Are there ways SPs can mitigate the effect?
  • We need community guidance, particularly for IdPaaS providers.
  • This issue will be added to the 2022 work plan.

Next Meeting - Thursday, December 16, 2021

EMail Updates

International, SeamlessAccess, and Browser Interaction updates


Subject: [TAC-InC] International, SeamlessAccess, and Browser Interaction updates
Date: Wed, 1 Dec 2021 09:22:51 -0800
From: Heather Flanagan


International Update
TNC22 (13-17 June 2021, Trieste, Italy)
The Call for Proposals is closed, and it looks like one of the heaviest submission years ever.

REFEDS
The REFEDS meeting generated excellent discussion, and Nicole Harris captured a summary in a blog post. A link to a recording of the meeting is included in that post.

Open Consultations

Recently Closed Consultations

  • Consultation - Federation 2.0 Report - the Federation 2.0 working group is currently working through the comments received during the consultation and will continue to meet weekly until all comments are addressed

Entity Categories

  • The R&S Working Group is looking for a time to meet again to start harmonizing the Anonymous Authorization and Pseudonymous Authorization entity categories with the Personalized Entity Category

SeamlessAccess
The product roadmap is always available to the public: https://seamlessaccess.org/services/

The WAYF Disambiguation Working Group has published its problem statement paper and is preparing a survey to approximately 50-60 institutions that have been clearly identified as experiencing the WAYF name collision issue in aggregated metadata. The survey will go out to both librarians and Campus IT at those institutions with a goal of measuring level of awareness (that name collisions like this exist) and if/how institutions handle the problem (e.g., through education, or on a case by case basis if anyone asks, or some other way).

Browser Interactions
A more technical session regarding the browser issue was offered and recorded as part of the free OAuth Security Workshop (https://barcamps.eu/osw2021/). The session is being recorded.

Fed 2.0 & FedTest


Subject: [TAC-InC] Fed 2.0 & FedTest
Date: Thu, 2 Dec 2021 16:24:39 +0000
From: Bush,Judith

Fed 2.0: continuing response to consultation. At a high level, much of the response from consultation was to call out the lack of mention of existing organizations. Of course, the working group was aware of all these, and the inclusion doesn’t change the recommendation. The group had chosen to only mention the existing orgs in the most important but final recommendation, identifying some of the roles they could take on in respect to that recommendation.

Quickly adding the groups in as part of the current landscape presumably isn’t sufficient: why those groups aren’t filling the identified gap is likely the underlying issue. Explaining that it’s not their “job” without sounding critical of work the groups do, is the writing challenge.


--== ∞ ==--


I trust that FedTest is going to play far more to my technical strengths than serve to underscore my narrow view of the community! I would like advice:

  • Email to introduce myself, announce need of cochair, and doodle poll for meetings in Jan

OR

  • Email to introduce myself and poll to ask questions about time to spend on the topic and interest, as well as the doodle type “can/can’t/maybe” scheduling questions.

Advice welcome.

j

CTAB Update


Subject: [TAC-InC] CTAB Update
Date: Thu, 2 Dec 2021 16:57:40 +0000
From: Eric Goodman <Eric.Goodman@ucop.edu>
Reply-To: tac@incommon.org
To: tac@incommon.org <tac@incommon.org>

I was late to the meeting Tuesday so missed some of the earlier topics on this week’s CTAB call.

I keep these summaries very short, but let me know if people want more detail on any items:

  • Reviewed election results, initiated chair/co-chair election results.
    • n.b., Brett Bieber stepped down from CTAB this term; the committee thanked him for all his previous service.
  • Assignment of contact followup for non-compliant BE2 orgs initiated.
  • Discussion of wording/process/formality around BE2 compliance, especially related to TLS and SSL Labs scores.
    • How to clarify the SSL Labs A requirement/equivalent expectation?
    • What does dispute/followup look like? Do we call it “Dispute resolution” or some other term?