CTAB Call Tuesday June 27, 2023
Attending
David Bantz, University of Alaska (chair)
Richard Frovarp, North Dakota State
Eric Goodman, UCOP - InCommon TAC Representative to CTAB
Johnny Lasker, Internet2
Kyle Lewis, Research Data and Communication Technologies
Jon Miner, University of Wisc - Madison (co-chair)
Pål Axelsson, SUNET
Matt Eisenberg, NIAID
Rick Wagner, UCSD
Andrew Scott, Internet2
Ann West, Internet2
Emily Eisbruch, Independent, scribe
Regrets:
Warren Anderson, LIGO
Tom Barton, Internet2, ex-officio
Ercan Elibol, Florida Polytechnic University
Mike Grady, Unicon
Scott Green, Eastern Washington U
Meshna Koren, Elsevier
Andy Morgan, Oregon State University
Kevin Morooney, Internet2
Albert Wu, Internet2
Discussion
- Internet2 Intellectual Property reminder
- Agenda Bash
Working Group updates
- InCommon TAC
- Reviewed and discussed finalized “SP Middlethings final report”
- Approved report going forward to InCommon Steering
- Reviewed and discussed finalized “SP Middlethings final report”
- InCommon CACTI (Richard)
- Initial meetings with NIST to discuss their IAM roadmap. Interest in collaboration, including in areas of verifiable credentials, assurance, and authentication profiles. NIST will attend a future CACTI meeting to discuss more.
- Ann will chat with CACTI about forwarding the invite to CTAB. Would be good to have CTAB people, such as Kyle and Matt, on this future meeting
- Discussion on RAF and MFA
- Better coordination between NIST and NIH would be helpful
- Next Generation Credential Working Group is starting to meet.
- Initial meetings with NIST to discuss their IAM roadmap. Interest in collaboration, including in areas of verifiable credentials, assurance, and authentication profiles. NIST will attend a future CACTI meeting to discuss more.
- SIRTFI Exercise Planning Working Group
- IAM online “How to Sirtfi: Going Beyond the Technical” ready for Wednesday, July 19, 2023
- On track for a WG-internal practice exercise Aug 1, 2023
- IAM online “How to Sirtfi: Going Beyond the Technical” ready for Wednesday, July 19, 2023
- RAF 2.0
- Consultation is open
- Get your comments in before 7/26 (none yet): https://wiki.refeds.org/display/CON/Consultation%3A+REFEDS+Assurance+Framework+%28RAF%29+v2.0
- NIH team will be providing comments
- Consultation is open
- InCommon TAC
- TNC Updates
- There are different legal interpretations of GDPR
- Putting user in middle through wallets
- My phone has a collection of my memberships and contextually aware identity pieces on it.
- EU Commission is funding multiple organizations to work on a interoperable identity management access infrastructure across the EU
- 4 different projects
- https://digital-strategy.ec.europa.eu/en/policies/eudi-wallet-implementation
- Pain points around wallets: GDPR and consent
- EU wallet is about citizen community
- Need to control how “open” the wallet is, such as to phone companies
- There are interesting technology pilots we can learn from
- Summary:
- CTAB should be monitoring the wallets issue
- CACTI has a group looking at USA use cases
- Helpful for Pal to provide CTAB with international perspective
- Using OIDC, for example
- CTAB should be monitoring the wallets issue
- Pal attended
- REFEDs meeting was on June 9 2023
- MFA, new entity categories, Assurance and RAF were all discussed
- Wallets were discussed. EU commission hopes for interoperable structure
- There are different legal interpretations of GDPR
Operationalizing Baseline Expectations
- David and other CTAB members will be presenting this report to InCommon Steering August 7, 2023
Maturing Federation Brainstorming (continued from previous CTAB meetings)
- A goal is to turn item on Mural online collaboration tool into activities for CTAB in workplan:
https://spaces.at.internet2.edu/pages/viewpage.action?spaceKey=ctab&title=ctab-2023-work-plan
- CTAB voted on the proposed items (sticky notes) on the mural
- Everyone had 5 votes
- Items that got top votes:
- 5 votes:
- “SaaS providers conflicting model of federation” combined with “how do we challenge ID Providers or SPs who just want people in their walled garden”
- Document successful scalable use of entitlements
- “SaaS providers conflicting model of federation” combined with “how do we challenge ID Providers or SPs who just want people in their walled garden”
- 3 votes:
- Federal agencies, do we do more?
- What do brand new federation participants need to do to be Federation Ready?
- SPs trusting IDPs
- What is the purpose of federation for some participants? (eg small schools)
- Federal agencies, do we do more?
- Next steps:
- take top vote getting items and put in document
- Expand on use cases and specifics
- Some of these items may not be in scope for CTAB
- Some may be more suited to InCommon TAC, Steering or CACTI
- take top vote getting items and put in document
- 5 votes:
- AI David, Jon and Albert will document the top items for further exploration/definition
Next CTAB Call: Tuesday, July 12, 2023