Date: Thu, 28 Mar 2024 11:07:35 +0000 (UTC)
Message-ID: <1221560469.6181.1711624055288@ip-10-10-7-29.ec2.internal>
Subject: Exported From Confluence
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_Part_6180_608979797.1711624055288"
------=_Part_6180_608979797.1711624055288
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Content-Location: file:///C:/exported.html
CTAB Call Tuesday February 8, 2022
Attending<=
span class=3D"s3">
- David Bantz, University of Alaska (cha=
ir)
- Jon Miner, University of Wisc - Madiso=
n (co-chair)
- P=C3=A5l Axelsson, SUNET
- Sarah Borland, University of Nebraska&=
nbsp;
- Ercan Elibol, Florida Polytechnic Univ=
ersity
- Richard Frovarp, North Dakota St=
ate
- Eric Goodman, UCOP - InCommon TAC Repr=
esentative to CTAB
- Andy Morgan, Oregon State University
- Rick Wagner, UCSD
- Chris Whalen, Research Data and Commun=
ication Technologies
- Jule Ziegler, Leibniz Supercompu=
ting Centre
- Robert Zybeck, Portland Community Coll=
ege
- Tom Barton, Internet2, ex-officio =
;
- Johnny Lasker, Internet2
- Kevin Morooney, Internet2 <=
br>
- Ann West, Internet2
=
li>
- Albert Wu, Internet2
<=
/li>
- Netta Caligari, Internet2
Guest: Mary McKee=
, Duke University
Regrets
- Meshna Koren, Elsevier
- Dave Robinson, Grinnell College in Iow=
a, InCommon Steering Rep, ex-officio
- Emily Eisbruch, Internet2 (scrib=
e)
DISCUSSION
Intellectual Property re=
minder
Working Group Updates
-
- REFEDS Assurance Working Group<=
span class=3D"s2">
- MFA Sub Group
- https://wiki.refeds.org/display/GROUPS/MFA+Subgroup<=
span class=3D"s10">
- Drafted a set of recommendations for u=
pdates to the next iterations of the MFA profile based on what was learned =
during the NIH rollout of new identity requirements
- Will present the recommendations=
to the Assurance Working Group later in the week
- R&S WG (Access Entity Group}
- Instead of R&S category, plan 3 ca=
tegories
- Anonymous Authori=
zation
- Pseudonymous Auth=
orization
- Personalized Acce=
ss
- These three categories have been prese=
nted to REFEDs
- NIH Activities
- Tom Barton reported there was discussi=
on about the IRS plan to use facial recognition as a means of establishing =
identity, using ID.me.
IRS has now canceled these plans.
- Login.gov is used by resea=
rchers to authenticate to NIH if campus credentials can=E2=80=99t meet the =
NIH identity requirements. Login.gov notified=
NIH they need clear rules about how to handle photos they receive. =
span>
- This points to potentially increased t=
he value of REFEDs assurance framework and especially the proposed&nb=
sp;local enterprise, as a reasonable proxy for a hi=
gher assurance standard
- SIRTFI Exercise Working Group
- https://spaces.at.interne=
t2.edu/display/sepwg
- Framing and scoping the exercise plan<=
/span>
- Examined some of Kyle Lewis=E2=80=99s =
work and what was done in the military, did some compare and contrast =
- Talked about what we might face in the=
federated version.
- InCommon TAC=
- Work plan review, hope to finalize wor=
k plan this week, including adopting subject identifiers. Subject identifie=
rs work and how to roll it out may have crossover with CTAB=E2=80=99s effor=
ts
- Looking at wallet federation work
- Working on recommendations on discover=
y, moving forward. Will be based on Seamless Access. https://seamlessaccess.org/
- REFEDs Schema Editorial Board
- https://wiki.refeds.org/display/STAN/Schema+Editorial+Board<=
/span>
- REFEDS Schema Editorial Board (SEB)&n=
bsp;
- Long term: Looking at getting away fro=
m protocol specific descriptions of schema.
=
span>
- Shorter term: Spun up a subgroup on us=
e of personal pronouns and a potential eduperson displayname attribut=
e (this came out of an Advance CAMP session)
<=
/span>
Identity Provider as a Service (Mary McKee)=
span>
-
- Mary co-chaired IDP as a Servi=
ce Working Group
- IDP as a Servi=
ce Report
- Goal was to make federation more acces=
sible
- The working group Identified use cases=
, such as
- =E2=80=9Cwe have an IDP b=
ut it does not support federation=E2=80=9D
- =E2=80=9Cwe are looking f=
or a full SAML SSO solution=E2=80=9D
=
li>
- =E2=80=9Cwe need a creden=
tial store=E2=80=9D
- IAM as a service was out of scope for =
the IDPaaS working group
- Big factor that leads to organizations=
not prioritizing federation is intimidation
<=
/span>
- There is an opportunity for InCommon t=
o help those without the in house expertise
=
span>
- Help create an easily parsable process=
for each primary use case
- Concept of =E2=80=9CFederation Ready=
=E2=80=9D
- There are federation connector product=
s (shim solutions) on the market
- InCommon could to provide the ne=
eded information/materials
- InCommon can vet/validate solutions an=
d state that they are =E2=80=9CFederation Ready=E2=80=9D
- Comment: It can be challenging t=
o determine what bar to use for =E2=80=9CFederation Ready.=E2=80=9D&n=
bsp;
- Need a framework for evolution of this=
.
- It makes sense for InCommon to d=
ecide the minimum requirements needed for trust in the federation. =
span>
- Community members participate in the p=
rocess to advocate for the needs of their institution
- Ann reported that there has been turno=
ver in IT and in some cases, people are losing understanding of the value o=
f federation.
- InCommon staff recognize the need to s=
upport organizational readiness for federation.
- There will be courses on InCommon Fede=
ration Training and on the basics of IAM.
- Another focus will be getting CIOs to =
talk about identity again. Digital campus versus physical campus.&nb=
sp;
- There are National Science F=
oundation CC* grants to bring more=
Higher Ed institutions into cyberinfrastructure.=
- InCommon will work with Catalysts, and having trust=
ed 3rd parties.
- David: This is excellent context for C=
TAB=E2=80=99s work, thanks to Mary for joining CTAB today
Baseline Expectations v2 updates (Albert)
-
- Working on the long tail &=
nbsp;Baseline Expectations for Trust in Federation
- Next major deadline is Feb 17.<=
span class=3D"s2">
- There are about 30 organizations that =
requested an extension but have not yet met baseline expectations. We=
will be reaching out to them.
- CTAB members, please reach out the org=
s you were assigned to who have not yet met baseline expectations
- Did not discuss at this meeting:&n=
bsp;
- (10 min) 2022 CTAB Work Plan - will di=
scuss next meeting
- Sirtfi v2 spec (Tom Barton=
)
Next CTAB Call: Feb. 22=
, 2022
<=
/strong>
------=_Part_6180_608979797.1711624055288--