InCommon Technical Advisory Committee Meeting Minutes
Thursday, May 8, 2014
Attending: Steve Carmody, Michael Gettes, Keith Hazelton, Ian Young, Jim Jokl, Nick Roy, Scott Cantor, Tom Barton, Jim Basney
With: John Krienke, Tom Scavo, IJ Kim, Nate Klingenstein
Action Items
(AI) Tom Scavo and Tom Barton will work on making available to campuses the InCommon scripts used to identify SP’s with endpoints that are not compatible with SHA-2.
(AI) Steve Carmody will continue to draft a note to Chris Holmes (member of Steering and associate counsel at Baylor) concerning how to frame any proposed revisions.
(AI) David Walker, Tom Scavo, and Michael Gettes will identify the technical and policy questions and options available, associated with extending the InCommon Google Gateway to R&S SPs, with a report deadline of June 5.
Ops Update
Tom Scavo provided an update on the new metadata aggregates. On June 30, the fallback and production aggregates will be synced, meaning that all aggregates will be signed using SHA-2. He has followed up with the eight SPs with endpoint issues and is optimistic about the results. (AI) Tom Scavo and Tom Barton will work on making available to campuses the InCommon scripts used to identify SP’s with endpoints that are not compatible with SHA-2.
Heartbleed Aftermath
There was discussion about the appropriateness of InCommon, as the federation operator, conducting probes to “protect the reputation of the federation” (as the UK federation states). This may require updates to the FOPP, the Participation Agreement (PA), or both. (AI) Steve Carmody will continue to draft a note to Chris Holmes (member of Steering and associate counsel at Baylor) concerning how to frame any proposed revisions.
TIER Status Update
Steve Carmody reported that a Steering subcommittee is working to more clearly define the TIER initiative (Trust and Identity in Education and Research), with a deadline to generate a document by the end of July.
New Working Groups
Steve Carmody has approached Steve Zoppi about the need for some resources to support the new working groups.
Extending the Google Gateway
LIGO is working with a vendor to deploy a Google gateway for use with LIGO SPs that will proposed for the R&S category. There was discuss about whether InCommon should extend its gateway to include R&S SPs, alleviating the need for LIGO and other SP operators to deploy separate gateways. The question is whether InCommon should be the central provider of such a gateway and any policy implications. (AI) David Walker, Tom Scavo, and Michael Gettes will identify the technical and policy questions and options available, with a report deadline of June 5.
IAM Testbed SP
Jim Jokl and Keith Hazelton reported on an IAM testbed that will provide a platform to demonstrate the various components of open-source infrastructure, wired together to provide a workflow, including onboarding and provisioning a user for access to various resources. Details are on the wiki: https://spaces.at.internet2.edu/display/InCCollaborate/IAM+Testbed
Internet2 will be asked to deploy the SP. Jim and Keith are also working on deployment of an IdP and are discussing the POP and how such an IdP may be deployed.
Next Meeting
May 22, 2014 – 1 pm ET / Noon CT / 11 am MT / 10 am PT