Child pages
  • COmanage-dev Call 15-Oct-2010
Skip to end of metadata
Go to start of metadata

COmanage Call 15-Oct-2010


Heather Flanagan, Independent (chair)
Ken Klingenstein, Internet2
R.L. "Bob" Morgan, U. Washington
Michael Gettes, Independent
Tom Barton, U. Chicago
Steven Carmody, Brown U.
Jim Leous, Pennsylvania State U.
Benn Oshrin, Internet2
Steve Olshansky, Internet2

New Action Items

[AI] (SteveO and Heather) will send out one more version of the new COmanage website to the group and publish it prior to FMM

[AI] (Ken) will draft a question for the survey concerning multiple affiliations and send it to the group for review.

[AI] (Steven) will prepare a few slides on ESWN for Heather to use at the FMM session on VO/CO Topics

[AI] (Ken) will notify the COmanage list about the upcoming Zimbra phone call.

Carry Over Action Items

[AI] (Ken) will modify the VO assessment instrument to ask about drop box requirement

[AI] (Ken) will share final report on IRODS with Bob

[AI] (Steven) will set up a call with Ken and Steven and Jans Hesthaven of ICERM

[AI] (Jim) will share ESWN call notes with the COmanage-dev list.

[AI] (Steven or Jim) will write up the ESWN use case on the COmanage wiki.

[AI] (Ken) will follow up on discussion with UK around collaboration platform work.


COmanage Website Updates

The COmanage website is ready for review at

The information is similar to what will be on the updated COmanage info sheet.

Bob suggested removing the word "platform" from the headline, and all agreed this was a good idea. The platform is just one aspect of the project. COmanage might also be delivered as a service or a package at some point.

It was suggested to call COmanage a "set of capabilities" in the explanatory text.

[AI] (SteveO and Heather) will send out one more version of the new COmanage website to the group and publish it prior to FMM

Multiple Source Institution Question

There has been a good discussion on the email list about how COmanage should handle a situation where a user has multiple affiliations. The consensus was that this use case will need to be addressed at some point in the future, but it is not a high priority right now. There is not an immediate use case evident among the VOs we are working with, at least from interactions to date.

Michael noted that in the past, since all the information was stored in the directory there could be multiple UID attributes for a single identity.

Q: Should we add an assessment survey question to elicit a use case for handling multiple affiliations from a VO?

E.g. the question could be framed as: "What percentage of your community is affiliated with multiple institutions and does work in different roles where you need to differentiate between those institutions"

[AI] Ken draft a question for the survey concerning multiple affiliations and send it to the group for review.

Fall Member Meeting Update

There are three COmanage-related sessions at 2010 Fall Member Meeting:

COmanage Working Group
Monday, Nov. 1 at noon

Domestication Stories
Wednesday, Nov. 3, 2010, 3:00 PM - 4:00 PM
Benjamin Oshrin , Internet2
Harold Teunissen , SURFnet

VO/CO Topics - Interinstitutional Research and Collaboration Approaches
Thursday, Nov. 4, 2010, 10:30 AM - 11:45 AM
Heather Flanagan , Independent Consultant
Greg Haverkamp , Lawrence Berkeley National Laboratory
Scott Koranda , University of Wisconsin-Milwaukee
Nirav Merchant , University of Arizona

Heather would like to mention ESWN and other smaller VOs we are or may be working with in her opening comments.

[AI] Steven will prepare a few slides on ESWN for Heather to use at the FMM session on VO/CO Topics

Heather intends the COmanage Working Group session to be a fairly informational conversation. Suggested messages:

  • Collaboration management platforms represent the new frontier.
  • This effort has been refunded by NSF
  • List some of the interested VOs

The Federated Identity Cyberinfrastructure workshop after FMM (on Nov 4-5) has 68 people signed up.

A third of those enrolled are international. Tom will deliver a lightning talk about the Bamboo project at the end of the workshop. Tom noted that there could be some use cases coming out of the Bamboo project that are in scope for COmanage framework. Use cases could also emerge from the Clarin project in Europe.
Clarin is involved with the GEANT GEMbus project

Other Upcoming Events

Ken has identified an entity interested in partially funding the VO CAMP (VAMP) in 2011. More details will be forthcoming as this gets firmed up.

The EuroCAMP in Vienna Nov. 23-24 will focus on the Evolution of Campus Web and Collaboration Environments

Marketing Report

Adobe Connect 8 reportedly plans to use SAML in production in 2011.

SURFnet and the OpenSocial Foundation are hosting an OpenSocial event in Utrecht, Dec. 6-7

A prominent LMS vendor will be joining InCommon and may be interested in externalizing some identity functions.

Zimbra has plans to release a federated version of Zimbra. Ken is planning a phone call with Zimbra people. It was suggested to mention to the Zimbra people that we hope that the federated capability will be part of the open source Zimbra.

[AI] Ken will notify the COmanage list about the upcoming Zimbra phone call.

Steven is engaging with the Bedework Calendar project, as he is on the Steering Committee.

Foodle is another calendar system that it could be good to engage with.

SDCI Grant

An OK has been received concerning hiring a half time person on the SDCI grant funding.

Attribute Release Discussion

Q: If collaborators use federated identity to authenticate to their COmanage instance, and then access applications from the COmanage platform, will it be possible to define attribute release policies within the VO context and apply them to everyone within the VO? Is that a way to handle attribute release issues and attribute release policy challenges until UApprove becomes more commonly accepted?

Bob noted that just going to a COmanage hosted application does not require release of attributes from one's home IdP. If we push attributes into the COmanage instance, there will be issues about how to continuously keep those attributes updated.

What about having a tab in COmanage to allow the admin to manage attribute release policies for the application? IdPs have attribute release policies. Is it practical to set an attribute release policy for everyone within the VO?

In the original COmanage implementation, the first time the user went to the COmanage site, s/he filled out the profile form. Then COmanage stored that info in the LDAP server. The apps then obtained attributes as needed from LDAP.

The best path forward is to encourage InCommon and others to inform campuses that there is a new IdP release forthcoming and a new release UApprove available, allowing attribute release to be driven off the metadata. This approach will be easier for the campuses. Ken is developing a document that will eventually be sent to InCommon participants telling them about the mature suite. Ken will send out to a draft to the TAC.

Bob is working with the InCommon TAC to get the attribute elements into the InCommon metadata elements representing SPs.

In the shorter term, can some adding of those elements be done manually by InCommon staff?

We need to do demos, show the benefits, and identify early adopters. It should be possible to present a demo at an InCommon session at FMM.

Brown has uApprove added to production IdPs. It is only triggered for service providers operated by Internet2.

Next Call: Friday, Oct. 29 at 2 pm ET

  • No labels