Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

 

CTAB Call Tuesday January 25, 2022

 Attending

  • David Bantz, University of Alaska (chair) 
  • Sarah Borland, University of Nebraska 
  • Ercan Elibol, Florida Polytechnic University 
  • Richard Frovarp,  North Dakota State 
  • Eric Goodman, UCOP - InCommon TAC Representative to CTAB 
  • Andy Morgan, Oregon State University
  • Rick Wagner, UCSD  
  • Chris Whalen, Research Data and Communication Technologies 
  • Jule Ziegler,  Leibniz Supercomputing Centre   
  • Robert Zybeck, Portland Community College  
  • Tom Barton, Internet2, ex-officio 
  • Johnny Lasker, Internet2  
  • Kevin Morooney, Internet2  
  • Ann West, Internet2  
  • Netta Caligari , Internet2  
  • Emily Eisbruch, Internet2   (scribe)


Regrets

  • Jon Miner, University of Wisc - Madison (co-chair)  
  • Pål Axelsson, SUNET   
  • Meshna Koren, Elsevier  
  • Dave Robinson, Grinnell College in Iowa, InCommon Steering Rep, ex-officio
  • Albert Wu, Internet2  


Discussion 

Working Group updates

    • SIRTFI Exercise WG
    • InCommon TAC Updates
      • Eric Goodman will continue as InCommon TAC Liaison to CTAB
      • Going over the work plan for the year.
      • Two biggest items:
      •    1. Working group on EU work related to digital wallets
      •         Carry around credentials in an “identity wallet”
      •         Might become/overlap with a CTAB work  item
      •    2. Finalize the discovery future document
      •        Many are of the opinion that discovery WAYF should be replaced/updated probably with Seamless access approach
    • REFEDS Assurance WG
    • REFEDS MFA Sub Group
    • R&S 2.0 (entity categories) Updates
      • https://wiki.refeds.org/display/GROUPS/Entity+Categories+Development+Working+Group
      •  Plan 3 categories:
        •   Anonymous Authorization
        •   Pseudonymous Authorization
        •   Personalized Access  
      • Working to harmonize those 3
      • Although eduPersonAssurance as specified by the REFEDS Assurance Framework is recommended to be supported in the Personalized Access entity category, it was decided not to require any specific identity assurance claims as part of these entity categories
      • Nothing in draft R&S/access entities specifying AAL or MFA requirements


NIH activities /   Assured Access Working Group

    • Tom Barton reported that  biweekly meetings with the NIH Central IT team continue
    • There was Sept 2021 deadline for accessing ERA https://era.nih.gov/ resources at NIH
    • What about other resources?
    • Trying to coordinate around future deadlines 
    • Looking at step-up identity assurance approach
    • For high identity assurance, NIH is the first use case
    • Not sure how heavily NIH will invest in supporting a single use case
    • We are managing the drivers from NIH point of view
    • Hope for specific dates/ deadlines that align with NIH capabilities
    • Three other SPs in Europe are watching closely what’s happening with NIH
    • NIAID and National Heart Lung and Blood Institute (NHLBI) CIOs are both proponents of using the REFEDS Assurance Framework for identity proofing.
    • Need to bring NIH and NSF together to talk through what NIH is doing. Both have the same requirements
    • AI Tom will set up doodle poll for Tom, Ann, Sarah, Rick, Chris and other CTAB members to chat on identity assurance 

BEv2 Docket - reminder to get out there; contact and update status (Quick Links: DocketsException RequestsOutreach SignupsMissing Elements)  

    • CTAB members  have been working on their outreach responsibilities/assignments
    • CTAB members please keep doing the assigned  outreach  
  • Extensions have been granted until Feb. 17, 2022 in many cases
  • After Feb. 17, dispute resolution process will move forward (and potentially removal from InCommon Federation will be considered in some cases)
  •  CTAB meets Feb 8 and Feb 22, 2022


2022 CTAB Work Plan - Planning 

    • Proposed Theme: scaling interoperability
      •   Encourage heightened trust and assurance to promote interoperability
      •   Discourage one to one linking, promote federation
    • Potentail Work Plan Items
      •  SIRTFI Exercise WG
      • Meta discussion of “what should CTAB do to continue to increase trust and interoperability in federation, given the changing IT landscape?
      • Continued work on identity assurance
      • MFA - what’s next?

    • Additional Discussion Topics:
    • Should we have a hierarchy of expectations within the Federation?
      •      Trust mark, seal of approval for those that use a higher level of assurance
    • Should CTAB engage with large commercial SPs?
      •     Actively maintain info on how to interface with large SPs
      •     Looking at this was part of the mission statement of the IDP as a Service (IDPAAS) Working Group https://spaces.at.internet2.edu/display/IDPAAS/IdPaaS+Home
      •      Shims
        •   Find vendors to provide shims  or have InCommon sponsor the shims
        •    Put shim in front of Azure, for example
        •    Smart approach is for CTAB to  support use of shims for interfacing with big commercial products
      • The IDPAAS report was accepted by InCommon Steering. 
      • It’s currently up to  InCommon staff to respond to and act on the recommendations of the IDP as a service WG.  Could result in trust marks. 
      • To be built on top of the catalyst program.  https://internet2.edu/catalyst-program-brings-identity-and-access-management-expertise-support-to-incommon-community/
      • Hope for a pilot in 2022 
      • Scaling community requirements for organizations that are not ready to do so. Outsourcing is a good approach


Next CTAB Call:  Tuesday, Feb. 8, 2022