CTAB Wed., Aug 14, 2019
Attending
- Mary Catherine Martinez, InnoSoft (chair)
- David Bantz, University of Alaska (vice chair)
- Brett Bieber, University of Nebraska
- Rachana Ananthakrishnan, Globus, University of Chicago
- Brad Christ, Eastern Washington University
- Eric Goodman, UCOP - TAC Representative to CTAB
- Adam Lewenberg , Stanford
- Jon Miner, University of Wisc - Madison
- John Pfeifer, University of Maryland
- Emily Eisbruch, Internet2
Regrets
- Chris Whalen, Research Data and Communication Technologies
- Chris Hable, University of Michigan
- John Hover, Brookhaven National Lab
- Tom Barton, University Chicago and Internet2
- Ann West, Internet2
- Albert Wu, Internet2
Action Items
- [AI] (MC and David) produce first draft of blog about BE V2 survey results by next CTAB call Aug 28
- [AI] Emily reach out to Dean about upcoming blog on BE V2 Survey results and deadline for inclusion in an InCommon newsletter (done, deadline is Aug. 23, 2019)
Discussion
- Baseline Expectations v2 survey response
- Received 86 responses
- How to we publish results to the community?
- Decision: publish a blog summarizing the results
- [AI] (MC and David) produce first draft of blog about BE V2 survey results by next CTAB call Aug 28
- Drafting Baseline v2 document and submit for community consensus
- Do we have a request for other BE elements?
- When do we produce the draft for community consensus? - goal is end of Sept
- Proposed Schedule:
- Blog - end of Aug
- Draft of actual BE v2 doc- end of Sept
- Community consensus - starts by Oct.
- BE v2 community consensus process:
- Idea: smaller group(s) to write clear positions on what each of the elements mean - what it is, what it means to implementers, what it means to users, impact of
- implementation technology evolution has on how we phrase Baseline statements, etc.
- Will need volunteers/conscripts to convene discussion; set deadline
- likely for subgroup and/or 8/30 discussion
- There is a need to clarify what CTAB really recommending in Baseline relative to “REFEDs MFA”
- What does support REFEDS MFA Profile mean for each party in Federation? https://wiki.refeds.org/display/PRO/MFA+Profile+FAQ
- Could follow up on the results from the survey.
- REFEDs MFA
- Requiring MFA as part of baseline does not mean you must implement MFA. But if you do, here is the type of response required, and define that exactly.
- We should also explain “failure case”: If you don’t have MFA, what should the response be.
- The idea is NOT to fail with an opaque or unexplained error
- IDP must be configured a certain way to handle the REFEDs MFA error case gracefully
- EricG has been working on this issue at UCOP, for Shib IDPs, no cookbook for that yet
- Discuss this more on next CTAB call
- Should we include foreshadowing of BE v3, perhaps in the blog?
- R&S attributes being released by default as part of BE - likely for subgroup and/or 8/30 discussion
- Helpful to get to the bottom of the concerns about R&S, loss of control is one concern.
- The question gets asked “what is legal recourse?” In fact there is no legal recourse, but the risk is small.
- Find out what could be added to SIRTFI to make the next step successful
- An argument for including R&S in baseline v2 could be to motivate a more meaningful discussion
- SPs are in favor of R&S, and this was heard in the work of the Attributes for Collaboration and Federation WG. http://doi.org/10.26869/TI.101.1
- R&S, or other attribute release, includes the value of the InCommon Federation.
- Currently there is a need for a lot of one-off attribute release to individual Service Providers
- With rise of Web AUTHN and FIDO, credentials will become less of a big deal
- In that environment, Value of IDPs could decrease
- Without R&S, there will be workarounds, not involving InCommon, including social media and other less secure approaches
- The role of consent is important in the discussion also
- Update on SIRTFI/CTAB taskforce on issues of metadata freshness/accuracy: a meeting has been scheduled
- Proposal was: SIRTFI and CTAB work together on exploring these issues of accurate, fresh metadata, for SIRTFI and then take the learnings to other federations to make this a global issue.
- Volunteers are David Bantz , ChrisW, Albert, ScottK and TomB
- Albert will convene the group
Next CTAB call: Aug. 28, 2019