TAC Meeting 2014-09-04
Thursday, September 4, 2014
1:00pm ET | 12:00pm CT | 11:00am MT | 10:00am PT
Dial-in Information
+1-734-615-7474 (preferred) (use this number unless you pay for long distance)
+1-866-411-0013 (US and Canada) (use this number if you pay for long distance)
Access Code: 0139713#
eDial: http://edial.internet2.edu/call/0139713
SIP: sip:session_0139713@edial.internet2.edu
If you are on a phone lacking a mute button, you can mute your phone via eDial by pressing ##1. To unmute, press ##1 again.
Agenda
- Please review carryover action items
- Does TAC want to meet F2F at TechEx?
  - Best time: Weds 10:30-1:30 (conflicts with a TechEx general session at 10:30 and runs through the TechEx lunch)
  - Other options would be Mon, Tue, or Weds after 5:30 pm
- Ops Update
- The State of TIER
- Update on Certificate Service: SHA-2 support (Joe, Jim)
Informational Items
- Research & Scholarship activity since August 21, 2014:
  - California State University, Fresno supports R&S as of August 22, 2014
  - Towson University supports R&S as of September 2, 2014
- New wiki docs:
  - Per-Entity Metadata Pilot (public and private)
  - Metadata Query Protocol
Carryover Action Items
- Steve Carmody will draft a wiki page outlining the steps involved in creating a category
- John will discuss with TAC how the Google OpenID Gateway might be operated and/or funded
- TAC will develop a recommendation for the potential necessary resources for eduGAIN implementation.
- John and Steven will review the Phase 2 Recommendations and propose to TAC a list of items that need to be addressed as a result of accepting the Recommendations
- John Krienke will distribute a list of outcomes related to the MD-Distribution recommendations
- John Krienke will implement a policy review regarding whether SP registration of keys could be made optional.
- Steve Carmody and John Krienke will take to Steering, for a policy discussion, the issue of maintaining/guaranteeing the strength of the trust fabric through proactive scanning and probing of entities on behalf of the federation and its participants.
- Scott Cantor will continue to push discussion of the Affiliation-Based Access category and a library services category (proposed by SWITCH) and represent the TAC’s support for both.
- Ann West will bring up with the InC-Student working group the issue of R&S attribute release and its relationship (or not) to students who invoke the FERPA opt-out.
- Tom Scavo and Tom Barton will work on making available to campuses the InCommon scripts used to identify SPs with endpoints that are not compatible with SHA-2.
- Keith will draft an IAM Testbed working group charter for the next TAC meeting.
- TAC members will review the original strategic priorities document and propose priorities for the rest of 2014.
- Tom Barton, Chris Misra, Nick Roy (should he accept), and one or two members of the Assurance Advisory Committee (AAC) (should they accept) will develop a list of first steps that InCommon might take vis-à-vis future security issues like Heartbleed.
- Steve Carmody will contact Nick Roy and the AAC leadership about participating in the Heartbleed group.
- Steve Carmody will initiate the process of developing a working group to deal with the larger gateway and interfederation issues.
- Steve Carmody will compare the priorities spreadsheet discussed today with the original TAC document on InCommon strategic priorities and call out major differences
- Scott, David, and TomB will reformulate the text in section 7.2 of the FOPP. The group will also look at the text in section 9 in light of the Google Gateway and eduGAIN but that may be deemed out of scope initially.
- Ann will keep TAC in the loop with respect to the Steering group working on eduGAIN policy issues.
- InCommon staff will go back to the drawing board and discuss possible paths forward with respect to REFEDS R&S and eduGAIN.
- Steve C. will send a note to Nicole Harris asking that she accept proposed changes through the end of August.
- John K. will ask Comodo about moving to support SHA-2 in the other CAs, specifically to meet a Microsoft deadline of January 2016.
- John K will ask the Metadata Distribution Working Group if they will reconvene and make a recommendation about the first step in deploying per-entity metadata.
Minutes
Attending: Ian Young, Steve Carmody, Nick Roy, Michael Gettes, Keith Hazelton, Tom Barton, Jim Basney, Paul Caskey, David Walker, Jim Jokl
With: John Krienke, Tom Scavo, IJ Kim, Ann West, Steve Zoppi, Nate Klingenstein, Joe St Sauver
F2F at TechEx
TAC will meet Wednesday of TechEx - 10:30 – 1:30
Ops Update
Tom Scavo reported on the per-entity metadata pilot, expected to start in two weeks and import metadata from InCommon and eduGAIN. Details at https://spaces.at.internet2.edu/x/1w7kAg
Certificate Program Support for SHA-2
TAC approved the recommendation from the PKI Subcommittee to move to SHA-2 support in the certificate program. Comodo is ready to proceed.
TIER Draft
Steve Zoppi presented a detailed overview of the “inctac:State of TIER” draft sent via email earlier this week. In general, the goal is to instill better custody for a suite of products that already exist and/or are under development for easier deployment and support, and to promote broader adoption. The TAC Identity Landscape document has provided the base layer for these discussions.
...
Steve Z asked for reactions from TAC members to the document: the nature of the problems being addressed, anything that causes heartburn, and feedback as to what would be best for your campus.
Next Meeting
Thursday, September 18, 2014
2 pm ET / 1 pm CT / Noon MT / 11 am PT
...