Child pages
  • Minutes of Assurance Call of 10-July-2013

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

Draft Minutes, Assurance Implementers Call, 10-

...

July-2013

Attending
Ann West, InCommon
Mark Rank, UCSF
Dave Langenberg, U. Chicago
Brett Bieber, Univ. of Nebraska, Lincoln
Jeff Capehart, University of Florida
Lee Trant, U of Nebraska Medical Center (UNMC)
David Walker, InCommon
Emily Eisbruch, Internet2, scribe

...

The Assurance and MFA Enhancements to Shibboleth Identity Provider RFP was awarded to Paul Hethmon, who has been involved in the Shibboleth project. Information on this work will be posted on the the Shibboleth wiki. This URL will be shared with the Assurance list. The goal is to have the work completed by end of 2013. The RPF has acceptance criteria that 3 campuses will test the code, and we hope to identify the 3 testing campuses within a few weeks. Most likely testing will take place in September or October. David will send out a solicitation for testing campuses. Let David know if you are interested in helping with the testing.

...

The AAC is working on a proposal (to be sent to InCommon Steering) to make bronze Bronze the baseline for participation in the InCommon Federation.

...

Brett was on the June 20 call.  At U. Nebraska, the goal is to implement a system for counting failed logins by Aug. 1, since Nebraska has a target to achieve bronze by Aug. 1.  Brett currently has an implementation counting the LDAP failed authentication attempts. This work is posted on GITHUB and there is information on the wiki at https://spaces.at.internet2.edu/display/InCAssurance/Component+Implementation+Guide However for AD, Nebraska has challenges around identifying the proper event codes. Brett has discussed the AD event codes issues with U. Chicago and would like to confer with other institutions also. Ann suggested writing a note to the assurance list to ask if anyone can help with the AD code. The AD topic came up at the CIC IDM meetings taking place this week in Columbus. Brett will be in touch with Ann to arrange an opportunity to talk about the AD issues with the AD Alternative Means Assurance Group. https://spaces.at.internet2.edu/display/InCAssurance/AD+Alternative+Means+-+2013

...

Ann reported that the Business School of a large research institution recently approached InCommon with a new use case. At this institution, Central IT has stated that the Business School needs to be Bronze certified to federated internally. The Business School has an IDP, but does not need to be in InCommon metadata, it needs  to conform to the bronze profile to achieve security goals.

...

Ann asked if InCommon Assurance should consider a reduced fee for cases where there is no IDP, where an institution wants a offering a service to enable institutions to get a "stamp of approval" for good practices.    David suggested that this makes sense, it would be like an audit report saying "yes we agree with management's assertion that they meet the requirements for the assurance program."  It was noted that without a SAML IdP it is not possible to be bronze certified under 4.2.7.  

...