CTAB Call Tuesday May 30, 2023


Attending

David Bantz, University of Alaska (chair)  
Warren Anderson, LIGO
Tom Barton, Internet2, ex-officio  
Matt Eisenberg, NIAID  
Ercan Elibol, Florida Polytechnic University  
Eric Goodman, UCOP - InCommon TAC Representative to CTAB  
Mike Grady, Unicon 
Rick Wagner, UCSD 
Jon Miner, University of Wisc - Madison (co-chair)   
Johnny Lasker, Internet2
Kevin Morooney, Internet2 
Ann West, Internet2 
Albert Wu, Internet2  
Emily Eisbruch, Independent, scribe 


Regrets

Pål Axelsson, SUNET 
Richard Frovarp,  North Dakota State 
Scott Green, Eastern Washington U 
Meshna Koren, Elsevier
Kyle Lewis,  Research Data and Communication Technologies
Andy Morgan, Oregon State University 
Andrew Scott, Internet2 

Discussion

Federation Maturity - brainstorming session with Mural

  • see InCommon CTAB 2023 Work Plan,
    • see  item 4. Framing the next chapter of federation maturity
  • See also discussion from the May 16, 2023 CTAB call
  • There are many different use cases in our community
  • Baseline Expectations (BE) has focused on contact info and security
  • The hope is also is to promote trusted and scaled collaborations
  • Need clearer and more standardized integration and a better user experience
  • Range of needs
    • at Community Exchange, there was discussion on helping Tribal Colleges get up to speed with InCommon
    • at same time,  there are R1 institutions that need to engage with NIH with high levels of security
  • Don’t want to be exclusionary with focus on IAL 
  • Need guidance for everyone, be inclusionary
  • Encouraging Service Providers to easily enter federation is something that benefits all participants
  • Cloud First is often requested by campus leaders, it will be helpful if we can promote the idea of federation
  • Considering partners, it was mentioned that Educause has a different constituency in HE.  They may have better reach into small schools
    •  Educause is less active in issues related to IAM and federation than in the past. 
    • In recent years Educause has leaned into teaching & learning, privacy as augmentation to security convening

  • Potential Use Case:


    Some Ideas from the Mural brainstorm:

  • Federal Agencies - do we do more?
  • Investigate cases where federation considered but not adopted
  • What is the benefit of federation for some participants (eg small schools)?  How do we make it clear what that is? 
  • Is it important to have clearer/more specific integration criteria for vendors claiming “InCommon support”?
  • What do brand new InCommon participants need to do to be fully ready?
  • Is it important to federation to support common /  best IAM lifecycle practice? If so, how?  
  • Bilateral vs multilateral - is emphasizing the difference (rather than embracing both) good/bad?
  • How do we encourage stronger / standard identity assurance practice across a wide range of capabilities? 
  • Do we need to promote a common discovery experience?
  • Federated support - do we need to tackle support issues beyond security incident handling? How does a user get help, not end up in a support black hole? 
  • Are entitlement use cases “niche” ?  How many multi lateral SPs want IDPs defining user permissions? 
  • Future Technologies - do we do anything to provide roadmap/guidance? Ie life beyond R&E SAML
  • Where, if at all, does AI come into play?


Working Group updates (not discussed on this call)

  • InCommon TAC / CACTI
    • Notably, Browser Changes participation led to I2 moving to join W3C (Browser Changes work is moving within W3C)
    • Use of entity categories
    • ePSA
    • Where does SCHACHomeinstitution fit in
    • TAC reviewed various subgroup/project updates
    • SAML2Int implementation group discussion
    • Discussion of other TAC Work Plan items
  • Operationalizing Baseline Expectations
  • REFEDS MFA
  • REFEDs Assurance Framework (RAF): update (postponed at Kyle’s request)


Next CTAB Call:  Tuesday, June 13, 2023

    

  • No labels