InCommon Steering Committee Meeting Minutes - March 7, 2016

Attending: Von Welch, Dennis Cromwell, Chris Spadanuda, Klara Jelinkova, Susan Kelley, Pankaj Shah, Sean Reynolds, Steven Carmody, Brett Coryell, Michael Gettes, Celeste Schwartz, Ted Hanss, Ann West

With: Ken Klingenstein

Note to Steering

Melissa Woo has moved from the University of Oregon to Stony Brook University in New York. She will remain on Steering.


Priority Planning - Ann reviewed the planning process followed last year and into this year. During 2015, a Steering priority subcommittee worked with InCommon staff on developing 2015 priorities. For 2016, there is a list of priorities developed by the InCommon TAC, augmented by Steering, with requests that have come from other areas. An internal group is assessing all of these inputs to develop a plan for 2016.

IDESG - Ann reviewed the Identity Ecosystem Steering Group (IDESG) which grew out of the federal NSTIC (National Strategy for Trusted Identities in Cyberspace). Both are part of the federal NIST organization. NSTIC funded several partnerships (including one at Internet2/InCommon) to explore ways to increase security and access across the Internet. The IDESG role is to develop expertise, best practices, and tools for trusted identities. Jack Suess (UMBC) has served as research and education’s representative and voice on the IDESG. He will continue to serve through 2016, but Steering should review the status of the IDESG in the fall and be prepared to recruit a new representative.

Assurance Advisory Committee (AAC) Appointments

The AAC is advisory to Steering in the area of developing assurance programs and strategies. The AAC recommends that Steering appoint these three individuals to terms on the AAC (terms ending 2018):

It was moved, seconded and unanimously approved to appoint Brett Bieber, Ted Hanss, and Joanna Rojas to the AAC, with terms ending 2018.

For information, continuing members of the AAC are:

Internet2 Global Summit - Steering meeting

InCommon Steering will meet face-to-face at the Internet2 Global Summit, with the meeting Monday, May 16, 8 am - 10 am. In addition, the TIER Investor Council will meet immediately following at 10 am - noon. Steering agreed to invite TIER Investor Council members to the Steering meeting.

Privacy Policy

Internet2 legal and InCommon staff are developing an InCommon privacy policy (as a separate LLC from Internet2, InCommon needs its own policy). The policy will outline the data collected by InCommon and the use of the information. It will also be clear that there is not personally identifiable information collected or used, and certainly not in attribute exchanges or the metadata. There was discussion about getting some feedback on the content of the policy. Steering members will do their own due diligence and make comments by March 18. InCommon staff will send the policy to Chris Holmes (Steering policy and legal advisor) and Steve Olshansky (Internet Society) for comment/feedback.

InCommon Fees - Lines of Business

Ann shared a document that outlines the current lines of business for InCommon and TIER, as a starting point for discussing how we will present these in a holistic way. See

Operations Review

Steering was asked to provide feedback on the priorities developed as part of an internal operations review. Dean will develop a survey as a way for Steering to rate the priority of each item. The operations review is here:

ISO 20000

Internet2 is adopting ISO 20000 and InCommon will be part of that. Internet2’s network services has been the first to start this process. There were questions about how this interacts or interrelates to NIST standards. Internet2 Vice President Rob Vietzke will be invited to the next Steering call to answer questions.

Federation Interoperability Working Group Document

Steve Carmody reported on the work of the Federation Interoperability Working Group, which had the goal of identifying key implementation methods for SAML2 implementations in research and education. They have developed a profile, which they plan to provide to Kantara, an international standards body, for review and promulgation. This profile will also inform InCommon’s development of a testing protocol and related services for this profile, allowing testing of IdP and SP implementations and conformance. TAC presents this profile/specification to Steering for review and acceptance.

Explanation - when an advisory committee like TAC promulgates documents and standards, Steering reviews/accepts them. These are highly technical documents, so Steering is being asked to consider policy implications and questions (rather than focus on the technology).  See the Working Group Final Report and the SAML V2.0 Implementation Profile for Federation Interoperability.

Next Meeting - Monday, April 4 - 4 pm ET