CTAB Wed. Aug 28, 2019


 Attending

  • Mary Catherine Martinez, InnoSoft (chair)  
  • David Bantz, University of Alaska (vice chair)  
  • Brett Bieber, University of Nebraska   
  • Rachana Ananthakrishnan, Globus, University of Chicago   
  • Tom Barton, University Chicago and Internet2  
  • Brad Christ, Eastern Washington University  
  • Jon Miner, University of Wisc - Madison 
  • John Pfeifer, University of Maryland  
  • Chris Whalen, Research Data and Communication Technologies   
  • Ann West, Internet2  
  • Albert Wu, Internet2  
  • Emily Eisbruch, Internet2    
  • Jessica Coltrin, Internet2

Regrets 

  • Eric Goodman, UCOP - TAC Representative to CTAB 
  • Chris Hable, University of Michigan
  • John Hover, Brookhaven National Lab 
  • Adam Lewenberg , Stanford  

New Action Items from this call

  • [AI] (ChrisW, Albert and EricG) will talk offline on REFEDs MFA 
  • [AI]  (DavidB) work on the BE v2 doc and take it forward, with Tom’s help. 


DISCUSSION

  • Standardize committee processes - Jessica
    • Annual Membership Cycle for Committees is in draft form
    • Goal is to align processes for all governance committees on a common cycle for recruiting for membership.  Common timeline and high level process.
    • For the CTAB solicitation, CTAB could tweak the text that has been used in past years
    • Nominations would auto-populate into spreadsheet
    • Comment: this process will be helpful to the community
    • Jessica will follow up with CTAB chairs after Labor Day. 


  •   InCommon Assurance Program (Ann)
    • Draft document on Assurance program transition and next steps is available to CTAB for review
    • Background: CTAB was originally InCommon Assurance Advisory Committee - AAC
    • AAC had oversight of Assurance Program
    • Much community effort went into developing the InCommon assurance program and the profiles
    • Six campuses were certified in the lowest level profile (Bronze)
    • The Federal government was originally going to require federally certified credentials to access key services, but this did not happen, leading to the Assurance program not being as necessary as expected
    • Plan is to talk to the 6 bronze certified campuses about closing the InCommon Assurance Program 
      •   Engage those 6 campuses around the transition and next steps
    • We would suggest alternative through Kantara for campuses that want certification
    • Kantara certification maps closely to InCommon Assurance Bronze
    • Q: what is the suggested timeframe for ending the InCommon Assurance program?
      • A: it’s up to the campuses. Some of the 6 are going through renewal now. 
    • Baseline Expectations for Trust in Federation has turned out to be a good way to increase trust over time.
    • Q: Does it make sense to not do renewals of the 6 campuses?
      • A: InCommon must give one year’s notice, or a campus can give 30 days notice to end the InCommon Assurance Program


  • Review draft Baseline Expectations v2 blog - David/MC   
    • Draft blog covers results of the survey CTAB conducted
    • There is summary of BE v1 and preview of BE v2
    • Will email a link to the blog to the mailing lists we sent the survey to.
    • Dean can publish the blog at any time.
    • Will be linked to in September Trust and Identity Newsletter
    • TomB:   we may want to add info on what CTAB plans to do for BE v2 
    • Should the blog mention that a few orgs were removed from metadata because they did not meet BE v1?
    • Not necessarily, since those were orgs that were OK with “expiring” (left InCommon of their own free will)
    • DECISION: keep the focus of the blog as it is, with strong emphasis on survey results
    • Albert will produce a final summary report of Phase 1 of BE, and this will mention the fact of a few orgs being removed from metadata  


    • Release BE v2 for Community Consensus Process 
      • Materials for Community Consensus - what do we need to present for community consensus to help with understanding? Input from those who did the first round?
      • https://www.incommon.org/federation/community-consensus/
      • Perhaps focus on the input we received in the survey
      • Suggestion to bundle the 5 items on the list into 3 groups: 
        • the low hanging fruit (error URL, encrypt endpoint, SIRTFI), 
        • R&S 
        • REFEDs MFA Profile
      • Suggest sequential discussions for the various topics, not parallel
      • ChrisW is very interested in REFEDs MFA, but there are technology limitations at this time
      • IDPaaS Working Group survey results are showing that MFA is a priority
      • It will be helpful to clarify regarding R&S attribute release and what that would mean in context of Baseline Expectations 
      •  REFEDs MFA and R&S attribute release really add value to the federation.  
      • What percentage of IDPs will have difficulty meeting REFEDs MFA?
      • Those orgs not running Shib may have a challenge with REFEDs MFA
      • Hard to get that data on who is not running Shib
      • Want to continue positive phase 1 Baseline Expectations experience into  phase 2
      • We can move forward with low hanging fruit suggested for Baseline v2 (error URL, encrypt endpoint, SIRTFI),


      • Is it worth considering temporary waiver for subset of the IDPs not able to meet REFEDs MFA? 
      • Albert: Suggestion is that whether you support REFEDs MFA in your IDP or not, express your support or lack of using REFEDs MFA profile. 
      • ChrisW: Some SPs might need to issue MFA token in certain cases, for genomic data for example
      • It was  noted that the added  enrollment process option is a  story we need to tell
      • [AI] (ChrisW, Albert and EricG) will talk offline on REFEDs MFA 
      • MC supports the approach of splitting out the 3 low hanging fruit from the other two suggested elements for BE v2


  • AI (DavidB) work on the BE v2 doc and take it forward, with Tom’s help. 
  • Baseline V1 Summary report (Albert working on this)


Next Call: Wed. Sept 11, 2019

 

  • No labels