Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

TAC Meeting 2017-07-06

Thursday, July 06, 2017
1:00pm ET | 12:00pm CT | 11:00am MT | 10:00am PT

Connection Information

To join the Meeting:

To join via phone :
1)  Dial: +1.408.740.7256
2)  Enter Conference ID : 666258159

Pre-Read Materials

  1. Review any action items for you, documented below, and make sure you complete them or update status appropriately

  2. Check yourself into the running minutes attendance list

  3. Review/approve TAC minutes from 2017.06.22


  1. NOTE WELL: All Internet2 activities are governed by the Internet2 Intellectual Property Framework

  2. Reminder: TAC minutes are public documents, please let the TAC and note taker know if you plan to discuss something of a sensitive nature

  3. Information Items

    1. Ops Update 2017-07-06 (Tom S) (10 min) 

    2. T&I Update (Ann) (5 min)
    3. FM Release Update (Nick) (5 min)
  4. 2018 Nomination Process (Mark) (just an update on the final schedule)

  5. WG Spin-Up (Mark) (20 min)

    1. Status update on OIDC WG (Steven) (announced 7/3 to participants, technical-discuss)

    2. All WG announcements have gone to technical-discuss

    3. Information only: Janemarie working with Emily to add co-chair information to I2 T&I WG process docs

    4. Discovery 2.0 - if we want something in new Shib SP scheduled for end-of-2017 we have to spin this up faster than TechEx

      1. Should we push one or more WGs to the back burner in order to prioritize this?

      2. Do we think we could even get what is needed done in time for Shib SP release, even if we started now?

      3. AI: ScottC to send note to REFEDS about the problem ahead of the July 12 REFEDS-SC call

  6. IdPaaS (JimJ) (20 min)

    1. Steve C's suggested FAQ on cloud IdP recommendations - see thread on the TAC list

      1. Any volunteers to develop a FAQ?
  7. Any Other Business

Action Items from Past Meetings

[AI]  Eric to start discussion thread on how to handle term endings.  Janemarie will start a google doc with some of the summary/thinking so far, share with Eric. DONE

[AI] Janemarie will reach out to Ann and talk/go from there to finalize the proposal regarding Working Group co-chairs and flywheels. IN PROGRESS

(AI) Mark will discuss the structure of the Attribute Release working group with Steering Chair Sean Reynolds.  DONE

(AI) Tom Barton will check with Jim Basney on this, as well.

(AI) Mark Scheible will revise the Attributes for Collaboration and Federation WG charter for additional review and send it to technical-discuss. DONE

(AI) Ann or Kevin talk with Klaas Weirenga from GÉANT about a presentation to TAC meeting concerning their T&I roadmap for, say, the next 3 years? <= Deferred to August


Members Attending: Mike Grady, Jim Jokl, Eric Goodman, Mark Scheible, Tom Barton, Steve Carmody, Kim Milford, Albert Wu

With: Dean Woodbeck, Nick Roy, Ian Young, Tom Scavo, Ann West, IJ Kim, Steve Zoppi, Paul Caskey

Action Items

(AI) TAC should review the IdP strategy document (

(AI) TAC should review the information for IdPs on the wiki and consider useful additions and revisions.

Ops Update

Metadata Aggregator - working on deploying v7.1. Also two versions waiting in the wings. One will implement the new policy re: entity attributes (switching to default-allow). Beyond that, there are several modifications in the pipeline - this will likely become v8. 

ADFS Issue - Dealing with an issue with ADFS4 consuming InC metadata aggregate. ADFS4 is strict on how it parses an aggregate. If there are non-unique indexes, ADFS4 chokes. Working on that. Will also need to work with eduGAIN on resolving, as well

FM Bug - The FM dev team found an issue with creation of duplicate ACS index values in SP metadata. The FM uses optimistic record locking. When more than one person edits an SP at the same time, or one person has multiple SP edit pages open for the same SP, the problem can occur.

Standby Metadata Server Move - The standby metadata server is moving from Indiana to the data center in Los Angeles. The LA server has been deployed. Ops is working on a deployment plan on the move, including communications to inc-ops-notifications. Transition should be complete mid-August

Trust and Identity Updates

  • Architects meeting in Denver in two weeks

  • New project manager Erin Murtha has started

  • Have hired new DevOps and Security staff members - announcements forthcoming

FM Update

  • Had planned a release end of this week or early next week. The first visual evidence to customers. Because of the non-unique index issue, the release is delayed (probably two weeks to an FM release).

  • Future release will allow some self service (such as execs maintaining their site admins/roles) and other changes

2018 Nominations Process

Working Groups

  • Announcements have gone to technical-discuss

  • Discovery 2.0 - REFEDS steering meeting will meet July 12 concerning this year’s work plan and is expected to discuss Discovery 2.0. Should REFEDS create a working group, InCommon should participate in that. There is some urgency if something is to be done in conjunction with the next Shibboeth SP release (which will be end of the year)

  • There was discussion of the RA21 project, which is addressing the same general issue. There is a pilot planned (Leif is the contact person). is the website

IdP as a Service

The topic of potentially providing IdP as a Service came up on the TIER Packaging Working Group call, as they discussed making Shibboleth easier and developing a GUI for Shib. This seems to be a better fit with InCommon. Several ideas/issues were discussed:

  • Would it make sense for InCommon to operate such a service?

  • Should InCommon develop a document to help clarify issues for campuses considering outsourcing their IdPs? Examples would be minimum expectations of the vendor, portability, support for InCommon profiles, and support for importing a metadata aggregate and/or per-entity metadata distribution. Such a document could be a cookbook and/or something that a campus could use as part of an RFP.

  • Another option might be offering a “container as a service” based on the TIER Shibboleth Docker container

Reference: InCommon Software Guidelines

Reference: Technical Basics for IdP Operators from Alternative IdP WG Report:

The webinar covered these 9 questions:

    1. Where is it hosted?

    2. Is there any vendor lock in?

    3. Do you have full control?

    4. How easy is it to set up and what maintenance are you responsible for?

    5. Can you host onsite?

    6. How flexible is the solution?

    7. Are statistics provided?

    8. Is there support to set up 3rd party SPs?

    9. Does the service have a reliable track record?

(AI) TAC should review the IdP strategy document (

(AI) TAC should review the information for IdPs on the wiki and consider useful additions and revisions.

Next Meeting - July 20 - 1 pm ET

  • No labels