InCommon TAC Meeting Minutes - July 23, 2015

Attending: Michael Gettes, David Walker, Steve Carmody, Chris Misra, Scott Cantor, Tom Barton, Jim Jokl

With: Ann West, Dean Woodbeck, Nick Roy, Nate Klingenstein, Steve Zoppi, Paul Caskey

Action Items

(AI) Paul will draft a new charter for the PKI Subcommittee, including putting out a call for new subcommittee members (to better represent Certificate Service subscribers)

(AI) Steve Zoppi, Steve Carmody, and Paul Caskey will come back to TAC in two weeks with a proposal concerning "making Shib easier;" specifically about how to leverage work already done through TIER to attract schools and individuals willing to commit to development help.

Minutes from July 9, 2015, approved

TechEx Face-to-Face?

There may be interest in a TAC meeting during TechEx if there are agenda items that would benefit from such a meeting. The proposed time is Wednesday, Oct. 7, 11:20 pm - 1:30 pm, which overlaps a general session and lunch. We’ll leave that time for now. Another option if the agenda is light is to have a TAC lunch in a private room.

Operationalizing eduGAIN

  • The Operationalizing eduGAIN Roadmap (https://spaces.at.internet2.edu/x/4IFHBQ) takes a phased approach, in terms of the import/export plans for SPs and IdPs. There will be changes in the Federation Manager interface to enable opting in and out.
  • Participation Agreement and FOPP - Ann is cautiously optimistic that legal will have these ready for the Steering meeting on August 3. The goal is for Steering to approve submitting the candidate documents to community review. The ultimate goal is Steering approval of the changed documents on November 2.
  • Nick has two side questions: Do we want to export SAML1-only entities to eduGAIN?  Do we want to require mdui:DisplayName for any SPs that don't currently set it before allowing their export to eduGAIN? if you have an opinion on this, please email Nick.

Certificate Service Update

  • Paul reported that Usher will no longer be a community-wide service and be turned over to the University of Virginia.
  • The Comodo contract is up for renewal in Fall 2016. The process will include a review of the service, a community survey, and an assessment of past performance and future needs.
  • Paul will reconvene the PKI Subcommittee to review the draft survey and then the results once the survey is complete, with a report back to TAC.

(AI) Paul will draft a new charter for the PKI Subcommittee, including putting out a call for new subcommittee members (to better represent Certificate Service subscribers)

A new domain approval process is circulating internally, with a possible move to DCV.

Federation Interoperability Working Group

Nick reported that the WG will begin meeting Monday, Aug. 10, at 10 am ET and continue meeting weekly. Walter Hoehn is chairing the group, and there is also interest from Roland Hedberg and Nicole Harris in participating. Several companies are also participating.

TLS and trust framework

Nick sent an email summarizing this issue (how the fingerprint and public key for metadata signing are distributed). The group discussed a number of options for distributing the fingerprint, but Nick is comfortable with the current situation for now.

Making Shib Easier (Paul)

  • Looking at the Canadian federation installer and potential for something similar for InCommon
  • Also looking at the potential for custom configuration files and, down the road, some sort of auto-config managed service
  • There was discussion about how to engage people to help with moving along with making Shibboleth easier. Steve Zoppi suggested managing this activity in combination with TIER, perhaps via a JIRA backlog, given that this overlaps with TIER. TIER has already identified potential helpers for projects, which could be of benefit.

(AI) Steve Zoppi, Steve Carmody, and Paul Caskey will come back to TAC in two weeks with a proposal along these lines.

Next Meeting - Thursday, August 6, 2015 - 1 pm ET

 

  • No labels