...
Notes and Action Items, CTAB Call of 14-Feb-2018
Attending
- Brett Bieber, University of Nebraska (chair)
- Tom Barton, U. Chicago and Internet2
- Joanna Rojas, Duke
- Ted Hanss, University of Michigan David Bantz, University of AlaskaMichigan
- Jon Miner, University of Wisc - Madison
- Chris Hable, University of Michigan
- Mary Catherine Martinez, InnoSoft
- Ann West, Internet2
- Emily Eisbruch, Internet2
New Action Items
[AI] (Emily) put new members on CTAB sympa list, provide private CTAB wiki access and
Invite CTAB members to Slack Channel on Baseline Expectations (done)
[AI] (Emily) get the new CTAB charter into the Doc Stewardship Repository, with date of closing of consultation (Done: see http://doi.org/10.26869/TI.94.1 )
DISCUSSION
CTAB New Members
• Welcome and Introductions
- David Bantz, University of Alaska
- Jon Miner, University of Wisc - Madison
- Chris Hable, University of Michigan
- Mary Catherine Martinez, InnoSoft
DISCUSSION
Onboarding of New CTAB members
All should have been added/invited to
• CTAB sympa (email) list
• access to CTAB wiki
• Slack Channel on Baseline Expectations
CTAB Call Time: Biweekly on Wednesdays at 4pm ET
Review of Documents
◦ Feel free to send comments and questions to the CTAB email list.
◦ Public minutes of CTAB:• Steering will approve new slate of CTAB members at next Steering call
• Brett has scheduled chats with new CTAB members
Resources:
◦ Many webinars are available linked from bottom of Assurance wiki here
◦ https://spaces.at.internet2.edu/display/InCAssurance/InCommon+Assurance+Program
◦ Scanning through the notes may be helpful
, minutes of AAC/CTAB are here:
◦ https://spaces.at.internet2.edu/display/InCCollaborate/InCommon+Assurance+Advisory+Committee+Minutes
◦ Baseline Expectations Documentsdocuments, linked from here: https://spaces.at.internet2.edu/display/BE/Baseline+Expectations+for+Trust+in+Federation
AI (Emily) put new CTAB members on CTAB sympa list, provide private CTAB WIKI access and
Invite CTAB members to Slack Channel on Baseline Expectations (done)
Overview of FICAM work
• Trust Framework program from GSA
• NIST standards 800-63 , 4 levels of assurance
• InCommon Assurance program responded to level 1 and level 2 with bronze and silver certification
• The AAC was formed to manage the FICAM program within InCommon,
• Compliance was sometimes seen as cumbersome; uptake was by 6 campuses for bronze and silver, and there was small uptake of FICAM from federal agencies
•
• There is transition now to new FICAM program, but this seems to miss the mark for the Higher Ed community
• A few years ago the InCommon AAC started developing more flexible profiles, including an MFA profile
that led to the REFEDs MFA Profile https://refeds.org/profile/mfa
• Baseline Expectations is a move from “publish what you do” approach, to a community set of expectations approach
• It’s about managing risk
• REFEDs Assurance Working Group is also doing work to respond to the failure of the FISMA approach https://wiki.refeds.org/display/GROUPS/Assurance+Working+Groupand developing a REFEDs assurance framework. Good idea for all CTAB members to subscribe to this list. https://lists.refeds.org/sympa/info/refeds and https://lists.refeds.org/sympa/info/assurance
• SIRTFI https://refeds.org/sirtfi another measure to increase trust in federation
Brett: likely the old approach to assurance (silver and bronze profiles) will be fading and CTAB will focus on the new, more flexible, more useful profiles and on Baseline Expectations
Improving the quality of the metadata in the InCommon Federation is part of Baseline Expectations
CTAB Charter
• Approved, ready for publishing:
[AI] (Emily) take action to get the new CTAB charter into the Doc Stewardship Repository, with date of closing of consultation
(Done: see http://doi.org/10.26869/TI.94.1 )
◦ CTAB Charter now in Trust and Identity Doc Repository: http://doi.org/10.26869/TI.94.1
Metadata Health Check Email/Template
• The email includes a cover message common to all
• Includes links to upcoming webinar
• Includes link to Baseline Expectations FAQ https://spaces.at.internet2.edu/x/iYRQBw
• [AI] (TomB) Add to the FAQ more about the timeline… sometime after the 90 day notice then there will be consequences for repeated non-responsivenes Baseline Expectations Webinars
• Webinar on Jan 24, 2018 went well. Focused on impact to community of Baseline Expectations. What will IdPs and SPs need to do. Checklist to start evaluating your compliance
• Slides and recording are here:
• https://spaces.at.internet2.edu/display/BE/Baseline+Expectations+for+Trust+in+Federation
x/iYRQBw (Done)
• Then the email includes specifics on metadata health check for the specific organization
• In first check, we are checking for missing data only. Later we may check for URLs that don’t resolve, etc.
Selection of CTAB Co-chair
• Serving as CTAB co-chair can involve going over agenda items with the chair prior to the call and being looped into other administrative emails
• Will discuss again on next CTAB call
Document re-organization message from Dean
- Baseline Expectations Foundational Document now has section at end on Community Consensus Process. See http://doi.org/10.26869/TI.34.2
- Dispute Resolution Process Document (previously called Baseline Expectations Maintenance document). See http://doi.org/10.26869/TI.35.1
Upcoming Baseline Expectations Webinars
• Next webinar is Feb 21, 2018 on Health Checks, and automated checking on metadata in the InCommon Federation.
• Nick Roy, InCommon Operations, shared stats on current state of federation metadata, for the metadata items that can be checked automatically. 7% of orgs currently meet baseline expectations
• https://www.internet2.edu/news/detail/15152/
• Question to decide in future: When do we want InCommon ops to modify the federation manager to generate an error if there are issues with metadata not meeting Baseline Expectations?
• Third webinar March 7, 2018 will focus on legal issues - InCommon Participation Agreement changes.
• Baseline Expectation Roadmap https://spaces.at.internet2.edu/display/BE/Baseline+Processes+Roadmap
Baseline Expectations Communications
• Wiki: https://spaces.at.internet2.edu/display/BE/Baseline+Expectations+for+Trust+in+Federation
x/sALxBg
• Wed Feb 21: Health Checks
• Wed March 7: Participation Agreement changes
PA and FOPP Legal Changes (Ann)
• Internet2 Legal made a few edits to the Participation Agreement (PA) and the Federation Operating Policies and Practices (FOPP)
, vote or consensus
• InCommon Docs are here:
◦ https://www.incommon.org/policies.html
• 90 day notification period to start in March 2018
• Perhaps the end of the 90 day notice should be when when we change the federation manager.
• Provide warning prior to that
Branding issues as we update from AAC to CTAB
• email list name has been changed to CTAB, working through other items
◦ https://www.internet2.edu/communities-groups/trust-identity/incommon-assurance-advisory-committee/
◦ Must turn revised FOPP and PA over to InCommon Steering next week for review prior to the Steering vote at their March 5, 2018 meeting
• Regarding dispute resolution (see FOPP section 8) (see PA section 10)
- For Issues with the federation operator -- go to InCommon Steering
- For Issues with another InCommon participant – go to CTAB
• Please send comments by end of week to CTAB email list.
• Possible “wrinkle” in process of updating FOPP and PA for Baseline Expectation:
◦ InCommon is also implementing the Steward Program in which InCommon partners with Regional Networks for supporting K12 https://www.incommon.org/about.html
◦ Change name of this AAC wiki page? https://spaces.at.internet2.edu/display/InCAssurance/Assurance+Advisory+Committee
CTAB F2F at Internet2 2018 Global Summit in San Diego?
https://meetings.internet2.edu/2018-global-summit/
• Emily requested a one hour time slot as a placeholder
• Wed May 9, 2018 is a likely date
On Feb. 14 CTAB call, selection of co-chair will be on the agendasteward/
◦ There are changes to FOPP and PA needed for the Steward Program also (in addition to the changes BE). Internet2 Legal may want to include the changes to the FOPP and PA needed for the Steward Program as we bring to the community the changes needed to the FOPP and PA for BE.
• CTAB voted to approve the proposed changes to PA and FOPP and move this along to Steering for their March 5 meeting.
• After Steering approval, an email will go to the community and then the 90 day review period will start.
Next CTAB Call: Wed. Feb. 1428, 2018