Minutes

Attendees:  Mark Rank, Steven Premeau, Eric Goodman, Keith Wessel,  Joanne Boomer, Judith Bush, Derek Eiler, Matthew Economou

Reps from other groups: David Bantz (CTAB) 

Staff / SME: David Walker, Albert Wu, IJ Kim, Nicole Roy, Steve Zoppi, Dave Shafer, Kevin Morooney, Ann West

Notes

T&I Updates: Minor issue in Federation Manager with duplicate ID in metadata from old bug that’s due to model validation inside of Rails framework.  Release earlier this week to close the gap.

GÉANT software license: They have no plans to get OSI’s review/approval.

W3C FedCM/FedID: On hold for most of August

Recruiting for TAC

Nominations are currently open until the end of the month.  What type of skills are we recruiting for?  What is TAC likely to pursue in 2024/2025 (e.g., SP middlethings/federation proxy discussion whether commercial or academic, saml2in/entity category deployments, federation testing)?

  • International federation contacts
  • Large multi-campus entities
  • Small, liberal arts campuses
  • Service providers
  • Federal labs/research hubs/virtual organizations

Departures:  

  • Eric Goodman (UCOP) will be retiring, he will be stepping down. (represented a large multi-campus entity)
  • Heather Flannagan will not seek re-election.

TAC charter allows up to 13 members. We currently have 11.  The following members’ terms are ending at the end of this year: Heather, Judith, Steven, Marina (because she was added this year to replace someone)  Currently have 11 seats filled.

If continuing on with TAC, please remember to re-nominate yourself.

Miscellaneous

SPs aren’t just one monolithic thing:

  • Content publishers
  • Tool makers
  • Others?

Vendors/SPs in the exhibition hall:

  • Enterprise sales focus may exclude interesting participants?
  • Pitch as opportunity to understand the space, how solutions may align with the space, and participate in the conversation

Review the 2 TAC sessions (F2F and share presentation with CTAB) slide draft

TechEx 2023 - Scalable Trusted Federation

  • Theme is Scalable Federations
    • Walking through work plan and things we are doing this year
    • Join us slide - nominations this year, come to lunch TAC Meeting
    • Deployment profile adoption - most will have been said 2 hours earlier, do bullet points summarize work? Intent to release a public comment draft before TechEx.
    • Make it clear to the community this is what we are doing and this is the benefit to you.
  • Federation Proxy Side - work is going in front of Steering on Monday along with Charter for working group.  May add a link if someone is interested in joining working group.
    • We will need a TAC Sponsor for the working group
  • Federation Testing Slide
    • Part of the scaling problem we face is organizational change management.  Tooling around these lines could become a powerful tool for advocacy.
    • More than just a sandbox, what’s really powerful is the ability to make sure you get it right. What tools out there are exclusively focused on IdP’s?
    • A way for CTAP to force compliance with Baseline expectations
    • A way for participants to know what they have work right, more than just a SAML test site.
    • Agree there is really way too much. Like SSL labs test but for the federation.  
    • What is the current good practice and how can we encourage people to adopt it.  How do we manage organizational change?  
    • Operationalizing Baseline Expectations report
  • What other things that we haven’t mentioned that you would like to see?

Suggestions for next steps on Federation Testing tools

Napkin Sketch - Brainstorming features for an "InCommon test IdP" (for key research/government integrations)

  • NIH has a tool for IdP’s to test against, but there is a need for a testing IdP so SP’s can test 
  • Internet2’s IdP is not designed to do this type of testing
  • This is a concrete, immediate need.  These agencies need this to test again.
  • Does this look reasonable? Is this something to move ahead separately from the broader federation testing.
  • This is not exhaustive/comprehensive. It’s to test interoperability profile.  Primarily testing REFEDS profile testing. Focus is SAML2Int
  • Only concern is if InCommon hosted it, could it be accessible to everyone in EDUGAIN.  This could be of global value.
  • No opposition from TAC.  Albert is good to move ahead with this, let us know how we can help.

Email Updates

CACTI Update

From Steven P.:

CACTI's next meeting is on September 13th.    The following items are currently on the discussion agenda:

  • Prep for TechEx CACTI open meeting
  • eduVPN in New Zealand
  • Google and MFA
  • Next steps for linking SSO systems/proxies WGs 
  • Next steps with NIST

CTAB Update

From Eric G.:

CTAB mostly discussed items that TAC is already aware of, and then also TechEx planning, so I’m not providing lots of detail on the discussion items.


  • Detailed discussion of the * Access entity category work
  • InCommon futures/”This Old House” planning discussion. (I.e., CTAB was discussing the state of the planning process, not actually doing the planning…)
  • TechEx F2F agenda
  • CTAB recruitment
  • CTAB talking pointes in “Scalable Trusted Federation” session (co-presso with TAC)

Next Meeting @ September 20, 2023 - Face to Face meeting at TechEx 2023



  • No labels