Minutes

Attendees: Keith Wessel, Heather Flanagan, Derek Eiler, Joanne Boomer, Matthew Economou, Mark Rank, Matt Porter, Steven Premeau

Reps from other groups: David Bantz, Les LaCroix, Krysten Stevens

Staff: Johnny Lasker, David Walker, Albert Wu, IJ Kim, Nicole Roy, Ann West, Kevin Morooney

Reminders to add to the 2022 TAC accomplishments report

  1. link to draft 2022 TAC Accomplishments Report

  2. Work item leads/contributors, please add to report by the end of the calendar year

  3. Include what was accomplished, what wasn’t and why, what’s planned for next year

Members Intros and critical TAC questions 

  1. Steven, director of large enterprise systems for University of Maine System
  2. Matthew, works for large virtual research organization/service provider
  3. Heather, TAC vice chair, also works with W3C, ICANN, REFEDS, ID Pro
  4. Ann, AVP Trust and Identity and Executive Director of InCommon, prior to InCommon worked at Michigan Tech. Focused on community outreach
  5. Albert, InCommon Federation Federation Manager. Helping everyone advance the mission of the federation. He is the flywheel for TAC. At InCommon for 4 years, but in the community for about 20 years
  6. Joanne, works for University of Missouri. 4 Universities rolled up into one. She brings a system perspective. Second year on TAC.
  7. David Walker, a designated SME for TAC. Came to this community as the prime mover behind UCTrust. Contractor for Internet2 and the Big 10
  8. Krysten, been in HE for 13 years, IT in various capacities for 20+ years. POV of operational and security. REN-ISAC Director of Technical Operations
  9. IJ, Operations at Internet2, been here since 2001. Learns from the group
  10. Mark, Director of Product for Cirrus Identity. IAM at University of Wisconsin prior to that. Joined Cirrus 5 years ago, brings perspective of IdP, SP, vendor
  11. Johnny, IAM team at Internet2, worked at EDUCAUSE prior, enjoys learning from TAC, supports Federation Manager
  12. Derek, Nevada Systems’ shared IT services office, supported federated IAM infrastructure and infosec compliance (e.g., HIPAA), lead WorkDay integration statewide, linking Nevada higher education institutions together
  13. Les, liaison from CACTI, background in software engineering, currently IdP operator/integrator and IAM manager at Carlton, a small liberal arts college
  14. Nicole, Director of Technology and Strategy at Internet2. Identity Management for 20 years.
  15. Matt, systems integrator focused on supporting service providers. Listening/learning from TAC
  16. Kevin, VP of Trust and Identity at Internet2, InCommon’s #1 cheerleader! Also does NET+ stuff.
  17. Keith, TAC chair, runs IdP for U. Illinois, also provides Shibboleth assistance for NCSA and Big Ten Academic Alliance. Also chaired Deployment Profile WG.

Further thoughts on the 2023 proposed work plan

draft 2023 TAC Work Plan

Email Updates

InCommon Operations update:

From Johnny Lasker:

Quick InCommon Operations update: we released our upcoming Delegated Administrator updates to the Federation Manager on 12/14/22. No changes are visible to end users at this time; functionality is status quo. We will ‘flip the switch’ in January.

CTAB meeting update:

From Eric Goodman:

  • Introductions/welcomes for the new CTAB members
    • Not just the new members, an opportunity for the new members to meet and get to know the existing membership as well as vice-versa.
  • Review of the 2022 workplan and discussion of what should be on the 2023 workplan

International Update

From Heather Flanagan:

REFEDS

  • If you have not reviewed the consultation for the MFA Profile v1.1, it is open until 15 January 2023 (extended to account for the holidays).
  • The REFEDS meeting at TechEx was well attended. The meeting page will be updated with the slides from the various sessions before the end of this calendar year. See https://refeds.org/45th-meeting-december-2022

Browser Interactions

TechEx saw an amazing outflow of energy around the browser space! Below are pointers to more information for developers to learn more. Note that the slides from the session will be posted on the conference website soon.

Pre-reading:
FedCM official repository: https://github.com/fedidcg/FedCM/
Allow Multiple IdPs: https://github.com/fedidcg/FedCM/issues/319

IIW November 2022 Notes:

  • FedCM 101:

https://docs.google.com/document/d/18-KCYYEfTGB-4nGkmL0myb8k01ESyUgoEi5uZv5Ns8s/edit

  • IdP Discovery and FedCM:

https://docs.google.com/document/d/1QEQ5SeV-RTw2UnF5_jnPk-HD7ZKGoEA788JEeWNvI68/edit

  • Mapping FedCM to OIDC capabilities:

https://docs.google.com/document/d/1nhvHKWti1-941M6wf_yNh8TVNRDgN8r3KvaN2ssZwFg/edit

Relevant Google Announcements:


List of protocol elements that will break over time: https://github.com/fedidcg/use-case-library/wiki/Primitives-by-Use-Case 

Sample Decision Tree Flows

Hackathon reference repo (thanks, Nicole!)
https://github.com/nckroy/fedcm-rne-hacking

ETA:

The IDPro Body of Knowledge is releasing new and refreshed articles this week. New articles include:

  • Multi-factor Authentication (will be published 12/16/2022)
  • Strategic Alignment and Access Governance
  • Words of Identity

And revised articles include:

  • Authentication and Authorization (v2)
  • Practical Implications of Public Key Infrastructure for Identity Professionals (v2)
  • Introduction to Privacy and Compliance for Consumers (v3)
  • IAM Reference Architecture (v2)
  • Delegated Authentication Using a SAML Web Browser SSO Profile (v2)

The official landing page for the IDPro BoK is https://idpro.org/body-of-knowledge/, but you can find all these articles in one place here: https://bok.idpro.org/issue/12/info/

CACTI Updates

At TechEx, CACTI discussed 2022 accomplishments and 2023 goals with the community.
- See the presentation slide deck for context

Next Call @ January 12, 2023

  • No labels