Minutes

Attendees: Derek Eiler, Steven Premeau, Joanne Boomer, Eric Goodman, Keith Wessel, Judith Bush, Mark Rank, Heather Flanagan

Reps from other groups: Les LaCroix (CACTI) 

Staff: IJ Kim, Apryl Motely, Nicole Roy, Albert Wu, Johnny Lasker

Others: David Walker

Regrets: Ann West

Scribes: Judith & Johnny & Steven


  1. Agenda Bash + request for notable working and advisory group update
  2. Status Updates - Q&A
    1. Johnny clearing out legacy admin login and working on EduRoam relying parties testing, some other behind the scenes updates
    2. Albert: doc ID for 2022 Accomplishments, we do have slides from Niel’s wallet TAC call, so linked for that. Ready to go to Steering Cmtee.
    3. No comments on email notes
    4. Steven noted CACTI changing meeting times; the double liaison may need to be reduced.
  3. (25 min) Finalize 2023 Work Plan - part III
    1. See notes below

InCommon Value Statement Presentation and Discussions

Apryl gives some context for planning: About a year ago InCommon re-engaged an outside consultant re community views of InCommon. Be clear, succinct, message back.

Last year, around this time we reinvigorated that work. Came up with a one pager to explain what we do at a high level. Our value points. Caveat, there is always more that could be said.

Value points for InCommon in the Internet2 context: Get access management management done. Faster. Better. Together.

  • User Lifecycle: InCommon Trusted Access Platform
  • Academic Collaboration: InCommon Federation
  • Security: InCommon Certificates
  • Network Access - eduroam
  • Workforce Development - InCommon Academy
  • Expertise & Support - InCommon Catalysts

Benefit “Academic collaboration” “Community Access Framework” “Connect your users across educational institutions.” 

InCommon doesn’t have representation in the Internet2 Media Resources “One Pagers”  – https://internet2.edu/community/about-us/media-resources/

Brief can be shared internally and externally, everyone can benefit from a clearer picture of what we offer and how we offer it

Mark Rank: I rather strongly believe that the purpose of InCommon is to foster academic research and collaboration, that should come first. User Lifecycle is very organization specific and wondering if that should really be in the first position

 Apryl says they were surprised that the Academic Collaboration wasn’t the First Thing. What CIOs wanted to see was the User Lifecycle elements. Positioning both the collaboration AND the solution provisioning. 

David “More efficient in access management” may be what CIOs are looking for –because they may be thinking about the utility concept of the service, electricity, plumbing, make it efficient. The value is ENABLING ACADEMIA, primarily through the collaboration.  We do this to Enable Academia. In actuality, we are doing the enabling of academics, but to the IT CIO CISO view might be ok.

Nicole: so, we do need to articulate our values for the CIO & CISO world and this does a good job that speaks to them.

Apryl: This won’t be the only piece, there will be companion pieces speaking to other elements

Is this setting us up for a binary? We have a unique value statement? Middle tier institutions may say “my Microsoft and Okta relationships also meet that need.” 

Albert notes that InCommon is more than Federation., and the collective knowledge of how to do identity in Higher Ed. Doesn’t necessarily translate to the federation.  Albert doesn’t see a conflict between the User Life cycle promotion and our Federation work. Can Workplan help bridge ? (Assumption we agree with one pager.)

Eric: Something i would warn against - from the graphic – the discussion about the identity lifecyce gives an example of products. It’s a dangerous place to go to try competing on product. The Life Cycle is independent of software capability.

Judith: echo’s David’s statement …. We know how to do ____ (can extend beyond identity lifecycle management) for academia.

Derek: Thinks the draft 1-pager is a great document, especially when replacing the lack of one. The value is not the products, immersed in commercial software realm, (org structure reports up to finances, etc), Azure, Okta trained folks are a dime a dozen…. InCommon doesn’t compete with the established products: hard lift to try to compete with products.  Focusing on the broader things is more relevant to their engagement.

Les: Products would have a hard time competing with the market, but there’s a huge gap between the commercial solutions and what the academic world needs. The products are important.

Eric: not that the products aren’t valuable, but the slide ONLY mentions the products, and that seems to be a gap.

Apryl says what we are hearing is we have to present ourselves differently than we have in the past. Look for the future and membership. We are being compared all the time. What can we create to be points of entry? People not giving us a fair look. 

Now back to the work plan…. DO we have a guiding theme for this year?

InCommon participation has reached a market limit and we need to change our presentation to reach more broadly.

Work Plan Discussion

How do we remain relevant and appealing to midtier schools? The creation of InCommon Academy allowed us to reach out. To earlier career persons.

Rebranding inCommon (to be more than just Federation)

Keith: Here's the rundown on the work plan because some things sorted themselves out.

  • NIST - headed up with CTAB and Tom Barton.
  • SP Middlethings work - pick up in 2nd half of the year
  • Wallets - CACTI will take the lead
  • REMAINING - very nicely focused
    • SAML deployment profile adoption
    • SAML subject identifiers
    • Anonymous, Pseudonymous, and Personalized entity categories
  • Need bodies to handle the testing, potential depending on what we decide
  • Standing items of browser changes, HECVAT,

Other than the testing, this looks doable. Is this too narrow, broad? Albert has a gut feeling that we want to get going on the subject identifiers, before FedCM gets riled up.

Email Updates

CACTI Updates

From Steven Premeau:

  • CACTI will be moving to a once monthly, two hour meeting schedule to allow for in meeting progress and more collaboritve work between meetings.
    • Exact schedule going forward to be determined via Doodle pool (or equivalent), next meeting and start of the monthly schedule is intended to be the week of 2/26.
  • Representatives to other groups were discussed and will be finalized outside of the meeting.
    • Efforts were made to find a "single, bilateral" representative when that works for the respective groups.
    • Pending conflicts with the TBD new meeting schedule, Les and I will continue to cover our respective unilateral representational duties.
  • Continued discussion of the draft  "CACTI recommendation" on the LastPass breach.

International/Browser Updates

From Heather Flanagan:

International Update

REFEDS

  • The MFA Profile v1.1 is going back to the working group to shift from a 1.1 to a 2.0. This was a decision by the working group based on the consultation feedback. 
  • The REFEDS 2023 work plan has been approved (with some modifications by the REFEDS Steering Committee). The community chat schedule has been updated: 22 February will be a report on the REFEDS Survey and 30 March will be an update on identity and browser changes. 

Conferences

Browser Interactions

  • The FedCM EDU Hackathon is scheduled for 28 February and 1 March, all day both days, in the SF Bay area. Developers from the Shib consortium, SeamlessAccess, SSP, and fedops are planning to be there. The draft agenda for the meeting is close to done; the focus will be on exploring the challenges experienced with the API as proposed and proposals for ways to improve it.

Next Call @ February 23, 2023

  • No labels