InCommon Steering Committee Meeting - July 11, 2016
(734) 615-7474, or
Live minutes taken at: https://docs.google.com/document/d/1CGULcgtisSZcxViKoBtGgexz36aM99dLipCODUMSqG4/edit#
- Background for and results of the TIER Paths Forward discussion
- Key issues for the InCommon Paths Forward
- Shibboleth Consortium (Slides from their TNC presentation)
- Dues and anticipated funding needed and how much will the market/participants will bear
- Growth of the federation and audience needs
- Other items
- The action item from the June 6 Steering meeting: (AI) Kevin Morooney and Nick Roy will provide additional details on the priorities, as well as dependencies among the items, during the July 11 Steering meeting. Download the presentation (pptx)
- Note that a presentation from the TAC for its work priorities is scheduled for the August Steering call.
- Joint Steering/TCIC meeting Monday, Sept. 26, 8 am - noon
- Possible TIER Investor meeting Monday, Sept. 26, Noon - 1:30 pm (alternative is Tuesday at lunch)
- TechEx overall schedule
- Sunday, Sept. 25 - all day - REFEDS
- Monday, Sept. 26 through Tues., Sept. 27 (noon) - CAMP
- Tuesday, Sept. 27 afternoon - working groups and BoFs
- Weds, Sept. 28 and Thurs, Sept. 29 (noon) - ACAMP
- Thursday, Sept. 29 - Noon-3 pm - TIER developers and working groups
- Changes to InCommon Federation Operation Policies and Practices document to enable InCommon management to address security issues.
- Vote to follow on Wisegate.
Attending: Ann West, Michael Gettes, Von Welch, Susan Kelley, Pankaj Shah, Melissa Woo, Steve Carmody, Sean Reynolds, Ted Hanss
With: Nick Roy, Dean Woodbeck, Ken Klingenstein, Kevin Morooney
(AI) Ann West will distribute a proposed resolution for the development of the InCommon Incident Response Policy and Procedures and Reporting Document , distribute that by email to InCommon Steering, for a vote via Wisegate.
Approved via Wisegate
InCommon Ops Review
Nick Roy provided an update on the InCommon Ops Review, an extensive process conducted in the summer of 2015, reviewing and prioritizing all of the aspects of InCommon operations. Steering has previously reviewed and voted on these priorities; this is a review and update.
This will result in a report for Steering, and will also be shared with key registrars in the AACRAO community to determine next steps. The purpose of this first step is discovering what people do; not promoting any particular policy.
InCommon Path Forward
Kevin provided background on the “deep dive” and “path forward” meetings which will wrap up this month. In May, a few community members reviewed all of the issues facing Trust and Identity in Internet2. Meetings in July are focusing on TIER (already completed) and InCommon (to be completed this week). Among other issues, the InCommon meeting will touch on:
InCommon management will combine the assets from all of these meetings and prepare the findings, to be shared with InCommon Steering and the TIER Community Investors Council at the September 26 meeting at TechEx.
Proposed Change - Federation Operation Policies and Practices (FOPP)
Steve Carmody brought forward a proposal from the InCommon TAC for a change in section 10.3.1 of the FOPP, giving InCommon management the authority and scope to act when the security of Federation services or the trustworthiness of the published metadata file might be impacted. One concern is with the large number (about 70%) of identity provider providers still operating Shibboleth IdPv2, which goes end of life on July 31, 2016. After that time, there will be no security updates. While there have been no problems to date, it seems prudent to be prepared.
Michael Gettes moves moved and Melissa Woo seconded approving the proposed change to the second paragraph of section 10.3.1 of the FOPP. The motion passed unanimously. The second paragraph of Section 10.3.1 now reads:
If InCommon suspects any compromise or negligence on the part of a Participant, it will make reasonable efforts to contact Participant to resolve the issue. In the case of a significant security incident that poses an unacceptable risk to InCommon or other federation participants, InCommon may take immediate remediation actions commensurate with the impact of the incident.
(AI) Ann West will distribute a proposed resolution for the development of the InCommon Incident Response Policy and Procedures and Reporting Document, distribute that by email to InCommon Steering, for a vote via Wisegate.
Joint Meeting of Steering and TCIC - Wednesday, July 27 - Noon EDT
Full Steering Meeting - Monday, August 1, 2016 - 4 pm EDT
August 1, 2016 - 4 pm ET