CTAB Call Tuesday November 29, 2022
Attending
- David Bantz, University of Alaska (chair)
- Jon Miner, University of Wisc - Madison (co-chair)
- Pål Axelsson, SUNET
- Ercan Elibol, Florida Polytechnic University
- Richard Frovarp, North Dakota State
- Mike Grady, Liaison from CACTI to CTAB
- Eric Goodman, UCOP - InCommon TAC Representative to CTAB
- Andy Morgan, Oregon State University
- Chris Whalen, Research Data and Communication Technologies
- Tom Barton, Internet2, ex-officio
- Johnny Lasker, Internet2
- Albert Wu, Internet2
- Andrew Scott, Internet2
Regrets
- Dave Robinson, Grinnell College in Iowa, InCommon Steering Rep, ex-officio
- Rick Wagner, UCSD
- Meshna Koren, Elsevier
- Jule Ziegler, Leibniz Supercomputing Centre
- Robert Zybeck, Portland Community College
- Kevin Morooney, Internet2
- Ann West, Internet2
Discussion
Working group / Committee liaison reports
- InCommon TAC
- Focused on identifying any special considerations for proxies and proxy-like things in federations.
- There will be a session on Wednesday: “Rise of Middlethings”; we hope to inspire further discussion during ACAMP sessions
- Collection of thoughts from TAC on the potential role of InCommon related to supporting/providing value in the Distributed IDentity space.
- Goal is to turn the ongoing learnings and discussion into more concrete workplan items.
- Reviewed election/chair election status
- Discussed and reviewed “SP Middlethings” report
- Reviewed comments to date re “Wallet Brainstorming”
- Security Exercise Planning WG:
- SIRTFI Tabletop Exercise
- The exercise is complete, some lessons learned, report and recommendations to be developed.
- Potentially there should be an annual exercise, or perhaps more frequent, smaller activities.
- Andrew Scott of Internet2 will be resource moving forward
- REFEDS Assurance
- Finalizing and working towards a presentation
- Effort is primarily to clarify existing REFEDs Assurance Framework
- Unsupervised remote / automation for identity proofing is a potential add on to the existing framework
CTAB election & recommendations to InCommon Steering for approval
- Finalize CTAB slate for InCommon Steering approval
- Emails have been sent to those being asked to serve on CTAB, most have confirmed they will be pleased to serve
- Note there are 14 CTAB members on this slate, and CTAB charter officially allows for 13.
- CTAB Charter http://doi.org/10.26869/TI.94.1
- So this is an exception, to have 14 CTAB members
- Tom Barton, who helped write the CTAB charter, noted that this can be flexible
- Question about staggering the CTAB terms,
- consensus that it's OK to keep CTAB terms as they are
- Albert reported that David Bantz and Jon Miner were reelected as chair and vice chair respectively
- Thank you to David and Jon for stepping up to continued leadership
Baseline Expectations v2 closing updates
- CTAB received unanimous official InCommon Steering endorsement of actions proposed
- These were revised proposals based on earlier feedback from InCommon Steering.
- There are some entities slate for removal (un-publishing from the InCommon Federation) on Dec 12.
- Some of these entities have indicated they intended to withdraw from the InCommon Federation in any case.
- SIRTFI
- There are about 100 entities that have not indicated adherence with SIRTFI framework.
- We will communicate / reengage with them in January 2023
- David noted that our handling of the SIRTFI Baseline Expectation requirement is something of a compromise between CTAB and InCommon Steering
- There are IDPs that have not yet met baseline, but have let us know they are working on it.
- They will not be removed as long as they are working and communicating with us
- InCommon operations will look again in 2023 at entities with no SSL encryption scores, or scores of B
- Likely tracking the scores over time
- Question: what about periodically testing contacts in metadata?
- Albert: this will be a focus for InCommon Operations in 2023, also testing for other required elements, such as privacy URL
- Tom suggests that CTAB communicate with InCommon Steering in 2023 about the big picture around Baseline Expectations
CTAB at 2022 TechEx
- Albert will make reservations for the CTAB dinner
- Presentation - "Increasing Trust and Assurance in InCommon" (Wednesday, 12/7 8AM MST)
- SPs intended for many, few, or 1 IdP
- SPs behind proxies or “middle things”
- IdPs from 10**2 to 10**6 users
- Federation operators in REFEDS
- Assurance (MFA, IAL, …)
- Attribute standardization / entity categories
- Profiles
- BE (every entity must…)?
- Tiers or badges (these entities do…)?
- Best Practices codification / promotion (if you need X, do Y)?
- Integration services/recipes from Federation or others?
- Fixing the Problems of Attribute Release: Wed 12/6 11:20 AM
- Assurance in Action: Wed 12/6 11:20 AM
- The Rise of Middlethings: Wed 12/6 2:40 PM
- Making it Sticky: Offering Shared Services via InCommon Glue: Wed 12/6 4 PM
- Baseline Expectations as a pyramid of increasing value (utility/scalability) of InC to participants; BE2 security expectations ~95% compliance
(SIRTFI, TLS, errorURL) - What practices, standards, would make federated access simultaneously easiest and most trusted access to resources?
- Perspectives from
- Possible areas for increased value:
- Mechanisms to promote increased value:
- Related Sessions at TechEx
- CTAB Meeting Agenda (Tuesday, 12/6 12:10PM MST)
- where should CTAB go next?
- How can CTAB help federation grow/scale/mature
- Purpose of CTAB; Members
- Review of 2022 CTAB workplan - progress/accomplishments
ttps://spaces.at.internet2.edu/display/ctab/ctab-2022-work-plan - (possibly a summary of intended projects from Fed Ops)
- Looking ahead
Next CTAB Call: Tuesday, Dec. 13, 2022