TAC Meeting Minutes - May 24, 2018

Attending: Mark Scheible, Matt Brookover, Janemarie Duh, Judith Bush, Mike Grady, Eric Goodman, Tom Demeranville, Kim Milford

Regrets: Keith Wessel, Eric Kool-Brown

With: Nick Roy, IJ Kim, Dave Shafer, David Walker, Shannon Roddy

T&I Updates (Mark/Nick)

Updated TAC Charter - Mark sent the updated charter to Sean Reynolds, chair of InCommon Steering, and asked to have it on Steering’s next agenda for approval (Steering next meets Monday, June 4).

Status of MACE-Dir / next steps with REFEDS - MACE-Dir work will move to REFEDS, since this is a global activity. At the Global Summit meeting, MACE-Dir members thanked Keith Hazelton for leading this for so many years.

Ops Update

Baseline Expectations - The Federation Manager release on Tuesday, May 29, will strongly recommend that metadata changes conform with Baseline. CTAB and the project team are working on communications leading up to the PA change (June 15) and beyond.

eduGAIN Steering Meeting - Voting members approved an eduGAIN SAML policy change requiring federations to do specific things with their metadata. Entities need a technical and a support contact. There will come a time when eduGAIN will drop a federation if it submits metadata without those. When that happens, if there are InCommon organizations that do not have those contacts, we will stop exporting those entities to eduGAIN.

eduGAIN also recommends submitting metadata with a 4096-bit key. This is planned as part of our MDQ rollout. Also, eduGAIN has a “should” for adding mdrpi:RegistrationInfo to every InCommon entity descriptor. We do not do this.

Federation Manager - Released some bug fixes this week and will have more next week when we do the Baseline Expectations update.

MDQ Implementation - As part of automating metadata signing, we need a Hardware Security Module. We are having trouble getting the Shibboleth MDA to work with the Amazon HSM via PKCS#11, so we are working to develop a signing bean for the MDA that will work with the HSM via the Java API supplied by Amazon.

Working Groups

Streamlining SP Onboarding - reviewing feedback from community consultation. Suggesting a late June wrap-up.

Attributes for Federation - Consultation ends June 4, then the working group will meet to discuss the community input.

OIDC Deployment - Met recently. Coordinating discussions to take place at TNC. Discussing architectural deployment profiles.

Deployment Profile - Just met. The comment period has ended and the WG has discussed the comments at the last two meetings. The WG is looking at the end of June to finish. Also talking about a community call to discuss the comments.

“Federation 2.0” / REFEDS group

Janemarie, Heather, and Judith have been holding discussions via email. Judith has agreed to serve as one of the co-chairs. The group needs to look strategically at where interfederation needs to go. The hope is to recruit a co-chair and spin this group up in June.

The long tail of support and IdPs

This has simmered for many years. Service Providers in science projects, for instance, continue to have problems with IdPs providing attributes and accurate attributes. InCommon is seeing more problems with participants entering metadata using IdP software that doesn’t work in the federation. Are there ways we can encourage people to participate and pay attention to email and email lists? Here are some excerpts from a TAC email thread.

Possible solutions?

Next Meeting - Thursday, June 7 - 1 pm ET