Minutes NOT YET FINAL as of July 14, 2014
Assurance Implementers Call of July 9, 2014
...
Alternative Means is now approved for campuses needing to move to SHA-2. It states "Identity Provider (IdP) Operators may continue to use SHA-1 to sign assertions through_ through January 15, 2015 _ without without compromise to their InCommon Assurance certification"
Question regarding eduroam:
At one point, eduroam was not compliant with SHA-1 because it used a non-compliant algorithm. Is that still an issue?
Comment: Now there is the AD alternative means
Jacob: I can't answer on behalf of AAC, With my Indiana University hat on, it makes a difference how you authenticate people for eduroam.
It involves a management assertion and an auditor's judgement.
Failed Authentication Counter Work (Benn)
https://spaces.at.internet2.edu/display/InCAssurance/Failed+Authentication+Counter+Strawman
Benn reported that at an upcoming Assurance Call he should have a report on some integration work on the Failed Authentication Counter database being done by UC Berkeley and Unicon.