January 22, 2014

Date:

January 22, 2014

Time:

12 Noon Eastern, 9AM Pacific, 5PM UK

Dial-in Info:

+1-734-615-7474 (English I2, Please use if you do not pay for Long Distance),
+1-866-411-0013 (English I2, toll free US/Canada Only)
PIN: 0195401 #

Agenda:

Review of EduGain Policy Framework Constitution
Any other business

Attending:

Warren, Ian, Mark, Scott, John, Tom, IJ.

Recording:

Minutes:

1. Announcements
   1. John has touched base with internal counsel and will now lead the internal effort. Update meeting on review tomorrow.
2. eduGAIN Constitution
   1. 3.1 - "Provide processes for handling complaints and incidents involving their Members." Tom wonders if there are hidden support costs there. Ian says that it is to early to know for sure, but there have been no complaints or incidents. There has been a request from another federation to have UKf encourage an SP to opt-in. John was under the impression that this was internal to the federation, but Ian does not see it so. This harkens back to issues with passive voice statements in the declaration.
   2. 3.1 - "Have a published Metadata registration practice statement." John points out that the definition of metadata registration practice statement is vague so it seems to give latitude. Ian says that the UK and Austrian documents are recent and more detailed than earlier ones and can provide working examples. He believes that there might be a set of requirements in the future. Nothing active happening at the moment, but there seems to be a general acceptance that it is necessary to provide more specification. This is a forum where inCommon can bring value to eduGAIN because LOA and assurance in general has been thought about more carefully. Tom wonders if REFEDs might be the best place to pursue this. Ian points out that it is in the 2014 work plan. There are four practice statements involved and Tom is listed as supporting the work item proposal. 
   3. 3.1 - "Follow the eduGAIN SAML 2.0 Metadata Profile if it decides to exchange the metadata of Entities via eduGAIN (“upstream metadata”)." John is not sure what direction is upstream. It's unclear why this seems to be optional. Scott think if it's optional only if you were a consumer. Ian thinks that's true, but it seems like a really limiting position. Scott speculates that it might be for participants who want membership but not any technical constraint. There is precedence for this within InCommon, where there are members who join political reasons or before they have anything to exchange.
   4. 3.2 - "To apply for membership, the applicant Federation signs the eduGAIN Policy Declaration and presents it to the OT." Ian warns that the OT will check independently to verify that the signing party is authorized to sign on behalf of the federation. John thinks this is not an issue. Ian also notes that they like to have a scanned version as well as follow-on paper document.
   5. 3.2 - "3. Unless the eSG has decided that the applicant Federation does not need further approvals, the OT prepares and presents a proposal to the eSG to approve or reject the application." This is an (almost) expired process, which caught the UKf by surprise. There is only one "pre-approved" candidate left on the list and it is InCommon. John wants it to be known that inCommon is suitably grateful.
   6. 3.3 - This point seems a bit ambiguous, but not in a way that is an issue for anyone on the call.
   7. 3.4 - Not sure what the point of this is - what happens if you fail to comply? It does specify a timeframe.
   8. 4.3 - John and Ian discusses that there is no "eduGAIN Technical Overview", but there may be an intent to get one. This point and point 
   9. 4.4 - Ian points out that this is where a distinction is made between optional profiles and mandatory profiles. Mandatory changes have a higher barrier in order to make sure that changes do not arbitrarily disqualify participating federations. At this point, the only profile that is required is "SAML 2.0 Metadata Profile". 
3. AOB
   1. Next up is the "eduGAIN Metadata Profile"
   2. Group discusses whether it is worth discussing the optional documents. The consensus seems to be that it is not.