Attending
Members
- Chris Phillips, CANARIE (chair)
- Marina Adomeit, GEANT
- Tom Barton, U. Chicago
- Nathan Dors, U Washington,
- Karen Herrington, Virginia Tech
- Todd Higgins, Franklin & Marshall College
- Christos Kanellopoulos, GEANT
- Les LaCroix, Carleton College
Internet2
- Steve Zoppi
- Emily Eisbruch
Regrets
- Warren Anderson, University of Wisconsin-Milwaukee /LIGO
- Rob Carter, Duke
- Jill Gemmill, Clemson
- Tom Jordan, U Wisc - Madison
- Kevin Morooney , Internet2
- Ann West, Internet2
New Action Item
{AI] (Christos) email CACTI with the name of the open AARC list looking at scalability of trust network, etc. (DONE)
[AI] (ChrisP) follow up with Les and Christos on next steps for URN / OID registry.
DISCUSSION
CACTI membership
- Welcome to new CACTI member Marina Adomeit
- Marina works for academic network of Serbia
- Leading Trust and Identity services activity in GEANT
- This will include development of Trust and Identity services
- This will include development of Trust and Identity services
- Hope to inform roadmaps for Internet2 and GEANT
- Currently in planning period
- Project phase divided into development and operations
CACTI hopes to feed input into 2019 planning process for Internet2 and GEANT.
Kickoff for project planning in GEANT is in Jan. 2019
- Marina works for academic network of Serbia
eduTEAMs
- Christos is the service owner of eduTEAMS
- eduTEAMS has long history; it was a number of individual components for scientific use cases: now integrated into one bundle
- Wide target audience within research space
- Long-term plans include expanding beyond just research space to broader campus space
- May discuss eduTEAMS more on a future CACTI call, hopefully when KevinM and Klaas can be present on the call
- Christos is the service owner of eduTEAMS
eduPerson Transition to REFEDs
- Progressing: new list schema-discuss@lists.refeds.org & governance model recommendation @ REFEDS below
- Can suggests amendments
- Consultation until Dec 10, 2018 https://wiki.refeds.org/display/STAN/Schema
- Can suggests amendments
- Progressing: new list schema-discuss@lists.refeds.org & governance model recommendation @ REFEDS below
MACE URN OID Transition: https://spaces.at.internet2.edu/x/Sgi6Bw
- Les reviewed the registries transition.
- URN and OID are low use items
- Some use by TIER
- URN registry delegated to other institutions
- Service that Internet2 recommends not using
- Les recommends looking at discontinuing the URN service for new URNs
- In GEANT there is a new interest in URNs
...
...
- 1) if the requester institution is part of Higher Ed and
- 2) if the person requesting has authority to request for the institution
- TomB offers to be the initial intake person for CACTI
...
...
Emerging Federated Id Challenges with cloud stories
- Azure, Multilateral trust with federated id, and eduroam
- Google apps for education, AWS IDM - distant #2, #3?
- Q: Is there a recommendation that Internet2/InCommon/others have? Is this topic in harmony with current activities?
- ChrisP shared an email with one site’s perspective on moving to the cloud
- CAS as a component for single sign-on, but then security concerns arose
- Nathan shared via email a diagram from IDP governance discussion
- Governance decision is important
- Example Nathan shared centered on decision to use OAUTH
- Can be complicated and messy
- TomB: Global R&E Federated Access Ecosystem
- Maintain research networks and research federations,
- Must be inclusive
- Use proxies
- What about using Shib IdP in Azure as the proxy?
- Setosa is the solution being used
...
- Discussion within AARC project . Looking a scalability, and issues coming up from real deployments
- {AI] (Christos) email CACTI with the name of the open AARC list looking at scalability of trust network, etc. (DONE)
...
- It is a kind of proxy . Using Azure and Google federated with Shib. Different services tap in.
- Will also put some in cloud, primarily for redundancy. Like the diagram Nathan shared. Not sure the best solution
...
- May recharter and reduce the scope and create practical deployment guides for using the GEANT extension or using Setosa or a proxy.
- Deployment guides could include patterns of deployment in the cloud.
Reports from the Field
...
- Q: Is there a role for CACTI to support this activity?
...
2019 Internet2 Global Summit in DC
- March 5-8, 2019 in DC https://meetings.internet2.edu/2019-global-summit/
- How many CACTI members will be attending? ChrisP not attending.
Decision: Likely no CACTI meeting at Global Summit 2019
Parking lot: Suggestions from Oct 30, 2018 CACTI call
- ask RolandH to give CACTI a talk on direction of OIDC and SAML as an informational session.
- Perhaps also Davide Vaghetti (GARR)
- Suggestion to put Nathan on CACTI Agenda to give info on OIDC
- ask RolandH to give CACTI a talk on direction of OIDC and SAML as an informational session.
...