Attending:  Brad Christ, Ann West, Dave Robinson, Christine, Jeff Erickson, Chris Misra, Marc Wallman, Laura Paglione, Rachana Ananthakrishnan, Jim Stewart

Regrets: 

With: Elaine Alejo, Kevin Morooney, Steve Zoppi,  David Bantz, Warren Anderson, David Walker, Keith Wessel, Albert Wu, Romy Bolton


Agenda: 

  1. CTAB Working Group Report - Operationalizing Baseline Expectations (David Bantz, et al. 25 minutes)
    1. Working Group Recommendations
    2. B.E. Operations Worksheet

  2. TAC Working Group Report - Federation Proxies in InCommon (Keith Wessel, et al. 25 minutes)
    1. Working Group Charter
    2. Working Group Report
    3. Slides
    4. Framing document from TechEx 2022
    5. Background primer

      1. Federation Proxies in InCommon

        A “federation proxy” is a type of Service Provider that bridges federated user access to a group of services. Federation proxies extend the reach of federated access, especially important for research cyber infrastructures, thereby adding value to federations like InCommon. But a federation proxy might also undermine its value when used more as a boon to the provider’s bottom line than to enable academic pursuits.

        A group convened by InCommon’s Technical Advisory Committee recently completed a review of the effect of various types of federation proxies on federation. Perhaps their main observation is that these are lumped together with other Service Providers in the Participation Agreement and associated guidance, and hence their unique relationship to InCommon, which is not the same as that of a vanilla Service Provider, is not recognized and taken into account:

          - They may onboard services that otherwise would need their own membership agreement with InCommon.
          - They may enable a mission not entirely aligned with that of InCommon.
          - They may profit monetarily by selling their federation access to other services.
          - Their proxied services need not share the same requirements for identity attributes and thus data minimization may not be realized.
          - They need not provide transparency of the proxied services available to current and prospective InCommon Participants.

        In their report, the group recommends that InCommon undertake a review of the Participation Agreement and associated guidance and fee structures to identify ways those might be improved to take considerations like these into account.

    6. The Recommendations(s):
      1.  Placement of the "Framing a Discussion to Foster SP Middlething Deployments" and "Formalizing the Role of Federation Proxies" within the InCommon Federation documents into the T&I document repository.
      2. Chartering of a formal working group to shepherd the recommended work (so that it can be announced at TechEx).

  3. Futures2 Update (Ann West, et al. 5 minutes)

  4. Nominations reminder (Kevin Morooney, 5 minutes)

Minutes:

Futures2 update:

  1. We have accepted the plan from Second muse and they have finished focus group meetings with advisory groups, catalysts, developers and staff. 
  2. They will be going out to look at other trajectories 
  3. They will be doing some one on one interviews and developing the first round of recommendations towards the end of Oct beginning of Nov.
  4. Marc and Kevin will kick off tech ex with an update

Nominations  reminder:

    1. 4 members falling off
    2. Jeremey stepping down
    3. Laura will roll off
    4. 4 seats up,  2 will reserve
    5. 2nd week of Sept get your nominations in so that we can do our welcome in December

InCommon Nominations: can be made here https://incommon.org/community/leadership/join-incommon-advisory-committees/


CTAB working group report:

Why is it important?

We are behind the curve with respect to FPs, we need to change that

  • We are, at times, obstacles to progress, rather than solution providers.
    •  FPs can help regionals that are planning to operate support federation for smaller institutions.
    •  US government agencies are moving in this direction. We are not prepared for that.
    •  InCommon Catalyst partners are already deploying Federation Proxies for their customers.
    • They need guidelines to help them do this without impacting Participants’ expectations for mutual trust.

Would like to promote this working group at tech ex to get others help

Steering approval needed?   Looking to charter a group to propose changes 

David Walker- makes sense for us to recognize this is part of our mission,  also message to make sure the message is getting out that we want to foster this 

There was concern about the wording of the charter- last sentence- can it stand without the last sentence. Keith wessel says they will strike the last sentence

"But a federation proxy might also undermine its value when used more as a boon to the provider’s bottom line than to enable academic pursuits."

Vote was taken for approval  of the  2 documents- framing  and approval to spin up the group

Motion made by Jeff Erickson,  second by Laura Paglione

All in favor- passed anonymously

Jeff Erickson mentioned that he was  responsible for the FP at NIH, and  would be happy to send someone to participate in the working group.  Just let him know if you need someone and where to send them.  

Warren also said he  would be interested in participating in further work on proxy guidelines.

Warren went through his slides on CTAB working  group:  https://docs.google.com/presentation/d/1PcSOGs-_PK-VI91ncZi5VHQHb9nAweMoGkRV06bT6Lo/edit#slide=id.p1

We still have some questions : What if an entity falls out of compliance with BE?  Who is responsible?  What is the process?

Working group process- group meets biweekly from Feb- to May, open to all CTAB members and others

Takeaways:

 InC operations should take the lead on reaffirming entities meet BE

Process will be ongoing and cooperative

BE’s fall into two general categories and different BEs probably require interactions with different people

Verifiable via automated process

Verifiable via attestation of participant

Next steps: 

Automated testing procedures are straightforward, but interactions with participants  are more challenging

Should try to leverage the federation manager as much as possible for interactions

Substantial UI/UX complexity

InC Operations looking at details and will circle back when they are ready for input

Questions:

The group discussed the challenges of having up to date contact information and suggestions on how to keep the list up to date and clean up the contact list. Being the oldest and largest federation are problems are more complex.

Ann West  Sweden has about 30  institutions- we were the first federation to have BE requirements and enforced them

If you go to https://met.refeds.org/ and mouse over nations, you’ll see the number of entities in a federation.


TAC report- Keith

Went over the work done the last year by TAC, see links above

Looking for signoff from Steering


Next  call  October , 2023

Meeting adjourned


  • No labels