Notes, CTAB Call of 28-Mar-2018


 

Notes and Action Items, CTAB Call of 28-March-2018

 

Attending:

  • Brett Bieber, University of Nebraska (chair)  

  • David Bantz, University of Alaska  

  • Tom Barton, University Chicago and Internet2  

  • Chris Hable, University of Michigan  

  • Ted Hanss, University of Michigan  

  • Jon Miner, University of Wisc - Madison 
  • Mary Catherine Martinez, InnoSoft  
  • Chris Whalen, National Institute of Allergy and Infectious Diseases (NIAID)  

  • Ann West, Internet2    

    Emily Eisbruch, Internet2  


Regrets: Joanna Rojas, Duke



New Action Items

[AI] (Jon) Consolidate the Community Consensus docs  

[AI] (Brett) add opening paragraph about the iterative process

[AI]  (ChrisH)  work with Brett on the logo advice


DISCUSSION


Staffing update  
• Baseline expectations for trust in federation implementation will require additional work/shepherding
 https://www.incommon.org/federation/baseline/
• There was an Increase in InCommon fees two years ago.  This fee increase supports additional staffing


• Federation Service Manager will be the title for a new staff person who can help support Baseline Expectations,to be posted soon


• In addition Nick Lewis, Internet2 Program Manager now working in Cloud Services area, particularly in Security, will be providing operational support on Baseline Expectations https://www.internet2.edu/people/detail/1989/

Community Notification of Finalized FOPP/PA changes
• The community notification of changes to the InCommon Participation Agreement (PA) and the InCommon Federation Operating Policies and Practices (FOPP) was sent recently.

• InCommon has received few questions    

• One institution asked to withdraw, but not because of baseline expectations

• Brett received a question from U. California
 system
• Brett noted that at U-Nebraska, communications from InCommon may go to networking team or to trust and identity team.



• Suggestion to encourage government agencies to share info with each other around baseline expectations

• Would be helpful to pull out data on the govt agencies and how many are meeting the expectations currently versus needing attention


• Feedback - it would be helpful to clarify the use of the “M” on the health check report  - is “M” good or bad on the report?



 Community Consensus Process & “Rules of the Road”

  • suggested edit: explain that this is  a recommended process. 
  • CTAB will learn and make iterations with the community’s help.


• Jon and David worked on suggested changes around the email lists for each consensus topic.

  • draft strawman for lists and communication in consensus process

 
 
• Decision not to “seed” the email list for consensus consultations. invite the community to participate

• CTAB should try to encourage the appropriate people to show up. Deliberately solicit voices

• Makes sense to merge those suggestions from Jon into the Community Consensus Process doc.


[AI] (Jon) Consolidate the Community Consensus docs  
• Will likely be an iterative process


[AI] (Brett) add opening paragraph about the iterative process

Privacy Policy (David, Chris W)

https://wiki.geant.org/display/eduGAIN/How+to+write+the+Privacy+Policy
https://geant3plus.archive.geant.net/uri/dataprotection-code-of-conduct/V1/Pages/default.aspx

  • Having a person to contact with privacy issues is important
  • Would be helpful to have Guidance for and IDP Operator on "Who on a campus can help draft a privacy policy if there is no privacy officer"
  •  HEISC working group could be a good resource

https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program/about-heisc
https://spaces.at.internet2.edu/display/2014infosecurityguide/Privacy

  • What should be the timeframe within which CTAB insists a privacy policy must be in place?
  • First requirement is that there be a link to something.

Three short-term suggestions to the community:
• Link to whatever privacy policy you have in your POP (This works for the 50% that have POPs)

• Refer to privacy policies available through Educause HEISC, even if not federation related

• Develop a web page that links to established organiztional policies related to privacy (data sharing, FERPA release, AUP, etc) as a first step


You can look at privacy policies by organization:
https://incommon.org/federation/info/all-orgs.html

Eventually a webinar on the privacy policy topic could be helpful.

Logo Advice:

AI (ChrisH)  will work with Brett on the logo advice

What formats? e.g. jpg/png/svg?
What sizes? Rasterized or non-rasterized?
Background?
Solid/transparent, white black?

Dimensions?
Aspect ratio, e.g. square, rectangular

Design mockups and scenarios for representation:
Discovery pages (IdP)
Consent interfaces (SPs)

Who to talk to on your campus?
Communications office
SP owners

key items:
Should be something the user recognizes and associates with the service or IdP.

MDUI Discussion (Brett) (saved for next call)

CTAB Meeting at 2018 Global Summit, Wednesday, May 9, noon-1:00PM

  • This will be a closed meeting for CTAB members

  • Will have a Zoom bridge

Next CTAB Call: Wed. April 11, 2018


 


 

  • No labels