Notes and Action Items, AAC Call of 29-March-2017

 

Attending:

  • Brett Bieber, University of Nebraska (chair)
  • Tom Barton, U. Chicago
  • Chris Whalen, NIH
  • Ted Hanss, University of Michigan
  • Ann West, Internet2
  • Emily Eisbruch, Internet2

 

Action Items

[AI] (Tom) develop guiding principles for dispute resolution process

[AI] (Ann) add additional narrative text to Draft Processes to Implement and Maintain Baseline Expectations

AI (Brett) make additional updates to the Diagram, Community Dispute Resolution Process
.

[AI] (Tom and Brett) review documents to make them more generic so they could apply more broadly, such as to handle issues around tags such as R&S or SIRTFI.  


Discussion

AAC Liaison to TIER working groups

Joanna Rojas, Duke, has been participating as a liaison from the AAC on the TIER Packaging working group and TIER Security and Audit working group.  It is not clear that regular participation on those working groups is needed. Most likely there is not a need for an AAC liaison on the TIER Packaging WG. Joanna will reach out to Helen Patton, chair of TIER Security and Audit WG, to verify if the audit perspective is needed on that working group. Joanna may offer to be a resource if needed versus joining each call. 

800-63 Digital Identity Guidelines

  • Consultation on NIST 800-63 Digital Identity Guidelines closed March 15, 2017
  • Jim Jokl will consolidate the feedback received
  • Ken Klingenstein will submit the feedback to NIST via Github by the March 31, 2017 deadline.

 

REFEDs MFA Profile


Baseline Expectations for Trust in Federation

Baseline Expectations


• Diagram, Community Dispute Resolution Process

  • Brett updated the diagram per feedback on the last AAC call.
  • It was suggested to specify on diagram that notification of formal review will include InCommon staff making a phone call to notify the participant.
  • It was noted that Baseline Expectations website record of issues could be a sensitive issue.
  • [AI] (Brett) will make additional updates to the Diagram, Community Dispute Resolution Process
.

Draft Processes to Implement and Maintain Baseline Expectations

Tom has updated the Draft Processes to Implement and Maintain Baseline Expectations.   In Stage 3, it was noted that the “random 3 peer reviewers from the set of Technical or Security contacts” is a good idea, however a concern is that not all community members have education on the matters that may need review. It was suggested to have AAC members as liaison to community members who are acting as peer reviewers. Another issue is the handling of confidential info to protect all parties. It was suggested to develop guiding principles around keeping info private unless we need to release it.

[AI] (Tom) develop guiding principles for dispute resolution process


A question was raised from the Service Provider point of view about the speed / cycle time of resolving issues. However it was noted that we need time to do this right and rushing the process would have its own risks.

Another question was whether the community should have a way to provide info on an issue that’s on the docket. This is a tough issue because InCommon may not want to provide details on how an InCommon participant is out of compliance.

Thinking about probable use cases, the only issue we know we will need to work on is metadata accuracy.

[AI] (Ann) will add additional narrative text to Draft Processes to Implement and Maintain Baseline Expectations

InCommon FOPP v3 edits (Ann)


InCommon FOPP

Ann suggests removing most of the dispute resolution section of the FOPP  (Section 8) to point to the "Baseline Expectations practices" document ( Draft Processes to Implement and Maintain Baseline Expectations)

There was discussion of the issue of baseline expectation concerns that come in from another federation.  It was noted that the process could encompass more than baseline expectations (Sirtfi issues or R&S issues). Ultimate action in such cases could be to remove a tag
,

[AI] (Tom and Brett) review documents to make them more generic so they could apply more broadly, such as to handle issues around tags such as R&S or SIRTFI.  



Global Summit AAC Face-to-Face April 23-26

  • AAC F2F Tues. April 25, 2:30pm - 4pm

  • Possible agenda
 items
    • Program Review process planning




    • updates to AAC charter

Community Assurance Calls

  • InCommon Community Assurance Call for April will be cancelled.
  • Next InCommon Community Assurance Call : Wed May 3 at noon ET

Next AAC call: Wed. April 12, 2017 at 4pm ET

 

 

  • No labels