Minutes
Attending: Keith Wessel, Mark Rank, Steven Premeau, Janemarie Duh, Heather Flanagan, Judith Bush, Eric Goodman, Judith Bush, Mary McKee, Matt Brookover, Matthew Economou
With (Also Starring): David Walker, Ann West, David Bantz, IJ Kim, Steve Zoppi, Les LaCroix
Status Updates
- T&I and Ops Updates
- There was a new release of the Federation Manager.
- There have been ongoing discussion with NIH about leveraging InCommon (and interfederated federations) to access their systems. The discussions have identified MFA, R&S, and identity assurance as the key issues. There will be a note to institutions that operate IdPs in the not too distant future.
- CACTI Update
- TAC’s OIDC Deployment group never finished (due to conflicting priorities for some members), so CACTI is considering if something more should be done. A call with Keith, Rob, and Ann will be set up to discuss what should be done and which group should do it.
Administrivia
- If you would like a profile URL posted for you on the TAC membership web page, please add it to https://docs.google.com/spreadsheets/d/1_qU618hM2g9Cip2Qk1Ai1ywsRf8b1tL1cK18g53R0Ms/edit#gid=0 before our next meeting (3/11/2021).
- Albert sent mail yesterday highlighting the new areas in the InCommon Federation Library. We’d particularly like input on the SP Onboarding section.
- FYI, there’ll be a new Zoom URL for TAC calls soon, due to Dean’s retirement.
- The IdPaas Working Group report consultation closed; there were no comments. Keith will take it to Steering for final approval.
2021 TAC Work Plan
- Keith got a note from Steve Carmody, excited about the IdPaaS item and expressed need to track further developments.
- Albert is working on next steps, relating IdPaaS to the Catalyst program. That will go to Steering with the work group report. TAC will need to address more specificity of what we want as this progresses.
- Steve also mentioned the need to identify/market the value of federation for schools where research is not a major mission.
- Heather suggested linking with innovation initiatives among colleges that may not even know about InCommon. (https://www.usnews.com/best-colleges/rankings/national-liberal-arts-colleges/innovative )
- Albert: We are research oriented, so our tools/services are, too.
- SeamlessAccess, with its initial focus on libraries, is a good hook for non-research colleges.
- Open source solutions do not dominate in this space.
- Heather: How does this impact TAC’s 2021 work plan? Ann: Steering is also looking into this; they should probably take the lead. (There was general consensus.)
- Steve’s final issue: What are the threats to InCommon, technology-wise? Commercial products tend to take “one off” approaches.
- EricG did a comparison of Okta and Shibboleth/InCommon a while back. He’ll look that up and forward if it seems relevant.
- Keith: Are we biting off more than we can chew if we decide to do everything?
- Mary: It may be better to do things when the time is right, rather than worry too much about what’s most important overall.
!! Zoom session ended a few minutes before the hour !! A few people reconnected…
- There was general consensus that we can do everything, with the possible exception of the subject identifier issue. Keith will send mail to the TAC list, proposing that we accept the work plan with the exception that subject identifiers will be subject to further discussion.
Next Meeting - Thursday, March 11, 2021
Email Updates
International and SeamlessAccess Update
Subject: | [TAC-InC] International and SeamlessAccess Update |
---|---|
Date: | Wed, 24 Feb 2021 15:16:05 -0800 |
From: | Heather Flanagan |
International Update
REFEDS
The R&S 2.0 working group will continue its continues to make significant progress on the next revision of the R&S Entity Category. On the call this week, the participants started to review the newly drafted proposed text (https://docs.google.com/document/d/1kZMdQ_T2vJJY25HZonoxIXk8Y7TCmgFyRoJ2wu4SCi8/edit).
As a reminder, the specification will go through the full community consultation process once the working group has achieved consensus on a draft.
Identiverse 2021
Identiverse is a dedicated IAM conferencehttps://identiverse.com/.
IDPro
A new issue of the IDPro Body of Knowledge (https://idpro.org/body-of-knowledge/) will be published next month, and will include an excellent article on Policy-Based Access Control by TAC member Mary McKee. This resource is open to anyone to read, write, or engage as a reviewer. It will also serve as the core material (but not the only material) for an upcoming IDPro Foundational Certification exam.
IDPro is developing the first of what’s expected to be a series of certifications for IAM practitioners. The first exam will focus on an IAM practitioner with two years of experience. The goal is to have the first exam available for attendees at the upcoming Identiverse conference in June. More information will be available closer to the event.
SeamlessAccess Update
SeamlessAccess is officially kicking off a new working group to focus on the issue of WAYF entry disambiguation. If you are interested in participating in this group, please send a note to contact@seamlessaccess.org. Initial meeting scheduling will happen the week of 1 March.
Heather Flanagan — Translator of Geek to Human
https://sphericalcowconsulting.com
CTAB Update
Subject: | [TAC-InC] CTAB Update |
---|---|
Date: | Wed, 24 Feb 2021 23:27:43 +0000 |
From: | Eric Goodman |
Albert and David should feel free to add/amend:
Main focus of the last call was two topics:
- BE2 handling
- InCommon is ramping up compliance checks around BE2
- For now this excludes checking for TLS compliance, but includes checks for SIRTFI, https endpoints and Error Page
- Planning to send notices to Site Admins and Site Execs about compliance status.
- Working on details of what is included in the message and who gets what messages (going to audit, audit results, etc).
- First notices are likely to come toward the end of this week!
- InCommon is ramping up compliance checks around BE2
- NIH/Assurance general topics
- Largely a discussion of the Assured Access Working Group (AAWG) activity
- Focus is on adopting assurance profiles that work generally, with a focus on the NIH upcoming requirements
- Discussed a lot of the same material that Kyle presented to us on the same topic, with some more detail from the AAWG discussion.
- Noted that there’s building pressure from the community to receive guidance in various quarters.
- Shooting for end of March to produce guidance with possible April IAM Online focused topic
- Beyond the NIH requirements, how else can this be extended into a “standard research interop profile”
--- Eric
CACTI Update
Subject: | [TAC-InC] CACTI update |
---|---|
Date: | Wed, 24 Feb 2021 19:11:11 -0600 |
From: | Les LaCroix |
(Matthew E., hope I'm not stepping on your toes! Please correct or extend as you'd like.)
CACTI had some substantial turnover at the start of the year, and it has taken a while to regain momentum. One of the topics has been the "OIDC-OAuth Deployment Working Group". The group was chaired by a former CACTI member, and didn't release a final report before the chair stepped away. We are actively considering a number of next steps.
Also at the last meeting we considered a proposed charter for a MidPoint Working Group. Rather than having a specific deliverable and timeframe, the MidPoint Working Group would be an ongoing group to represent the R&E community's needs and opinions to Evolveum. We are continuing review and comments on the WG charter, and expect to vote soon about forming the group.
-Les
Subject: | Re: [TAC-InC] CACTI update |
---|---|
Date: | Thu, 25 Feb 2021 10:34:15 -0500 |
From: | Janemarie Duh |
Les, Matthew, and All,
RE: the OIDC Deployment WG, that was a TAC-chartered group. It wrapped up but Nathan Dors was tied up with some family issues, so the hand-off to the TAC didn't happen IIRC. Eric K-B became the TAC sponsor after Steve Carmody rolled off the TAC.
https://spaces.at.internet2.edu/display/ODWG
If there is something left to be done, the TAC should be involved, but that isn't my recollection. With Jessica gone, perhaps Emily might remember the details. The updates from the WG are in the TAC minutes, so there is that trail.
Thoughts, InCommon Folk?
Janemarie
Federation 2.0 Update
Subject: | [TAC-InC] Federation 2.0 |
---|---|
Date: | Thu, 25 Feb 2021 16:21:19 +0000 |
From: | Bush,Judith |
We’ve evaluated the “take aways” (conclusions) in the report against the contributions from community members and the future scenarios that were developed and concluded that we’ve not dropped anything on the floor. We’ve cleaned out all the accumulated cruft in the document to better see where we are in completion of the report.