InCommon Technical Advisory Committee Meeting Minutes

Thursday, May 8, 2014
1:00pm ET | 12:00pm CT | 11:00am MT | 10:00am PT

Dial-in Information

+1-734-615-7474 (preferred) (use this number unless you pay for long distance)
+1-866-411-0013 (US and Canada) (use this number if you pay for long distance)

Access Code: 0139713#

eDial: http://edial.internet2.edu/call/0139713

SIP: sip:session_0139713@edial.internet2.edu

If you are on a phone lacking a mute button, you can mute your phone via eDial by pressing ##1. To unmute, press ##1 again.

Agenda

  1. Please review carryover action items
  2. Ops update:
    1. Phase 1 Implementation Plan of the Metadata Distribution WG
  3. Note to lawyer regarding preparing for the next HeartBleed
  4. Status Update
    1. TIER
    2. new Working Groups: External Identities, Alternative IdPs
  5. Extending the Google Gateway to R&S
  6. Work Plan - 2014 (see documents from the Programs sub-committee that are attached to the page for the TAC 2014-04-24 call)
  7. Request to register IAM Testbed SP, work.iamtestbed.internet2.edu, with InCommon (Jim, Keith)
  8. (your agenda item here)

Informational Items

Carryover Action Items

  1. Steve Carmody will draft a wiki page outlining the steps involved in creating a category
  2. John will discuss with TAC how the Google OpenID Gateway might be operated and/or funded
  3. TAC will develop a recommendation for the potential necessary resources for eduGAIN implementation.
  4. John and Steven will review the Phase 2 Recommendations and propose to TAC a list of items that need to be addressed as a result of accepting the Recommendations
  5. John Krienke will distribute a list of outcomes related to the MD-Distribution recommendations
  6. John Krienke will implement a policy review regarding whether SP registration of keys could be made optional.
  7. Steve Carmody and John Krienke - Take to Steering for a policy discussion the issue of maintaining/guaranteeing the strength of the trust fabric through proactive scanning and probing of entities on behalf of the federation and its participants.
  8. Steve Carmody will discuss with Chris Holmes any legal issues he sees regarding moving toward the REFEDS R&S definition
  9. Scott Cantor will continue to push discussion of the Affiliation-Based Access category and a library services category (proposed by SWITCH) and represent the TAC’s support for both.
  10. Ann West will bring up with the InC-Student working group the issue of R&S attribute release and its relationship (or not) to students who invoke the FERPA opt-out.
  11. Keith Hazelton and Jim Jokl will lead a discussion about the proposed IAM Test Bed on the TAC email list.

Minutes

Attending: Steve Carmody, Michael Gettes, Keith Hazelton, Ian Young, Jim Jokl, Nick Roy, Scott Cantor, Tom Barton, Jim Basney

With: John Krienke, Tom Scavo, IJ Kim, Nate Klingenstein

Action Items

(AI) Tom Scavo and Tom Barton will work on making available to campuses the InCommon scripts used to identify SPs with endpoints that are not compatible with SHA-2.

...

(AI) David Walker, Tom Scavo, and Michael Gettes will identify the technical and policy questions and options available, associated with extending the InCommon Google Gateway to R&S SPs, with a report deadline of June 5.

Ops Update

Tom Scavo provided an update on the new metadata aggregates. On June 30, the fallback and production aggregates will be synced, meaning that all aggregates will be signed using SHA-2. He has followed up with the eight SPs with endpoint issues and is optimistic about the results. (AI) Tom Scavo and Tom Barton will work on making available to campuses the InCommon scripts used to identify SPs with endpoints that are not compatible with SHA-2.

Heartbleed Aftermath

There was discussion about the appropriateness of InCommon, as the federation operator, conducting probes to “protect the reputation of the federation” (as the UK federation states). This may require updates to the FOPP, the Participation Agreement (PA), or both. (AI) Steve Carmody will continue to draft a note to Chris Holmes (member of Steering and associate counsel at Baylor) concerning how to frame any proposed revisions.

TIER Status Update

Steve Carmody reported that a Steering subcommittee is working to more clearly define the TIER initiative (Trust and Identity in Education and Research), with a deadline to generate a document by the end of July.

New Working Groups

Steve Carmody has approached Steve Zoppi about the need for some resources to support the new working groups.

Extending the Google Gateway

LIGO is working with a vendor to deploy a Google gateway for use with LIGO SPs that will be proposed for the R&S category. There was discussion about whether InCommon should extend its gateway to include R&S SPs, alleviating the need for LIGO and other SP operators to deploy separate gateways. The question is whether InCommon should be the central provider of such a gateway and any policy implications. (AI) David Walker, Tom Scavo, and Michael Gettes will identify the technical and policy questions and options available, with a report deadline of June 5.

IAM Testbed SP

Jim Jokl and Keith Hazelton reported on an IAM testbed that will provide a platform to demonstrate the various components of open-source infrastructure, wired together to provide a workflow, including onboarding and provisioning a user for access to various resources. Details are on the wiki: https://spaces.at.internet2.edu/display/InCCollaborate/IAM+Testbed

Internet2 will be asked to deploy the SP. Jim and Keith are also working on deployment of an IdP and are discussing the POP and how such an IdP may be deployed.

Next Meeting

May 22, 2014 – 1 pm ET / Noon CT / 11 am MT / 10 am PT