Minutes

Attending: Keith Wessel, Mark Rank, Steven Premeau, Janemarie Duh, Heather Flanagan, Judith Bush, Eric Goodman, Judith Bush, Mary McKee, Matt Brookover, Matthew Economou

With (Also Starring): David Walker, Ann West, David Bantz, IJ Kim, Steve Zoppi, Les LaCroix

Status Updates

  • T&I and Ops Updates
    • There was a new release of the Federation Manager.
    • There have been ongoing discussion with NIH about leveraging InCommon (and interfederated federations) to access their systems. The discussions have identified MFA, R&S, and identity assurance as the key issues. There will be a note to institutions that operate IdPs in the not too distant future.
  • CACTI Update
    • TAC’s OIDC Deployment group never finished (due to conflicting priorities for some members), so CACTI is considering if something more should be done. A call with Keith, Rob, and Ann will be set up to discuss what should be done and which group should do it.

Administrivia

2021 TAC Work Plan

  • Keith got a note from Steve Carmody, excited about the IdPaaS item and expressed need to track further developments.
    • Albert is working on next steps, relating IdPaaS to the Catalyst program. That will go to Steering with the work group report. TAC will need to address more specificity of what we want as this progresses.
    • Steve also mentioned the need to identify/market the value of federation for schools where research is not a major mission.
      • Heather: How does this impact TAC’s 2021 work plan? Ann: Steering is also looking into this; they should probably take the lead. (There was general consensus.)
    • Steve’s final issue: What are the threats to InCommon, technology-wise? Commercial products tend to take “one off” approaches.
      • EricG did a comparison of Okta and Shibboleth/InCommon a while back. He’ll look that up and forward if it seems relevant.
  • Keith: Are we biting off more than we can chew if we decide to do everything?
    • Mary: It may be better to do things when the time is right, rather than worry too much about what’s most important overall.

!! Zoom session ended a few minutes before the hour !! A few people reconnected…

  • There was general consensus that we can do everything, with the possible exception of the subject identifier issue. Keith will send mail to the TAC list, proposing that we accept the work plan with the exception that subject identifiers will be subject to further discussion.

Next Meeting -  Thursday, March 11, 2021 

Email Updates

International and SeamlessAccess Update


Subject:[TAC-InC] International and SeamlessAccess Update
Date:Wed, 24 Feb 2021 15:16:05 -0800
From:Heather Flanagan


International Update
REFEDS
The R&S 2.0 working group will continue its continues to make significant progress on the next revision of the R&S Entity Category. On the call this week, the participants started to review the newly drafted proposed text (https://docs.google.com/document/d/1kZMdQ_T2vJJY25HZonoxIXk8Y7TCmgFyRoJ2wu4SCi8/edit). 

As a reminder, the specification will go through the full community consultation process once the working group has achieved consensus on a draft.

Identiverse 2021
Identiverse is a dedicated IAM conferencehttps://identiverse.com/

IDPro
A new issue of the IDPro Body of Knowledge (https://idpro.org/body-of-knowledge/) will be published next month, and will include an excellent article on Policy-Based Access Control by TAC member Mary McKee. This resource is open to anyone to read, write, or engage as a reviewer. It will also serve as the core material (but not the only material) for an upcoming IDPro Foundational Certification exam.

IDPro is developing the first of what’s expected to be a series of certifications for IAM practitioners. The first exam will focus on an IAM practitioner with two years of experience. The goal is to have the first exam available for attendees at the upcoming Identiverse conference in June. More information will be available closer to the event. 

SeamlessAccess Update
SeamlessAccess is officially kicking off a new working group to focus on the issue of WAYF entry disambiguation. If you are interested in participating in this group, please send a note to contact@seamlessaccess.org. Initial meeting scheduling will happen the week of 1 March.

Heather Flanagan — Translator of Geek to Human
https://sphericalcowconsulting.com

CTAB Update


Subject:[TAC-InC] CTAB Update
Date:Wed, 24 Feb 2021 23:27:43 +0000
From:Eric Goodman


Albert and David should feel free to add/amend:

Main focus of the last call was two topics:

  • BE2 handling
    • InCommon is ramping up compliance checks around BE2
      • For now this excludes checking for TLS compliance, but includes checks for SIRTFI, https endpoints and Error Page
    • Planning to send notices to Site Admins and Site Execs about compliance status.
      • Working on details of what is included in the message and who gets what messages (going to audit, audit results, etc).
      • First notices are likely to come toward the end of this week!
  • NIH/Assurance general topics
    • Largely a discussion of the Assured Access Working Group (AAWG) activity
    • Focus is on adopting assurance profiles that work generally, with a focus on the NIH upcoming requirements
    • Discussed a lot of the same material that Kyle presented to us on the same topic, with some more detail from the AAWG discussion.
    • Noted that there’s building pressure from the community to receive guidance in various quarters.
      • Shooting for end of March to produce guidance with possible April IAM Online focused topic
    • Beyond the NIH requirements, how else can this be extended into a “standard research interop profile”

--- Eric

CACTI Update


Subject:[TAC-InC] CACTI update
Date:Wed, 24 Feb 2021 19:11:11 -0600
From:Les LaCroix


(Matthew E., hope I'm not stepping on your toes!  Please correct or extend as you'd like.)

CACTI had some substantial turnover at the start of the year, and it has taken a while to regain momentum.  One of the topics has been the "OIDC-OAuth Deployment Working Group".  The group was chaired by a former CACTI member, and didn't release a final report before the chair stepped away.  We are actively considering a number of next steps.

Also at the last meeting we considered a proposed charter for a MidPoint Working Group.  Rather than having a specific deliverable and timeframe, the MidPoint Working Group would be an ongoing group to represent the R&E community's needs and opinions to Evolveum.  We are continuing review and comments on the WG charter, and expect to vote soon about forming the group.

-Les



Subject:Re: [TAC-InC] CACTI update
Date:Thu, 25 Feb 2021 10:34:15 -0500
From:Janemarie Duh



Les, Matthew, and All,

RE: the OIDC Deployment WG, that was a TAC-chartered group. It wrapped up but Nathan Dors was tied up with some family issues, so the hand-off to the TAC didn't happen IIRC. Eric K-B became the TAC sponsor after Steve Carmody rolled off the TAC.

https://spaces.at.internet2.edu/display/ODWG

If there is something left to be done, the TAC should be involved, but that isn't my recollection. With Jessica gone, perhaps Emily might remember the details. The updates from the WG are in the TAC minutes, so there is that trail.

Thoughts, InCommon Folk?

               Janemarie

Federation 2.0 Update


Subject:[TAC-InC] Federation 2.0
Date:Thu, 25 Feb 2021 16:21:19 +0000
From:Bush,Judith


We’ve evaluated the “take aways” (conclusions) in the report against the contributions from community members and the future scenarios that were developed and  concluded that we’ve not dropped anything on the floor. We’ve cleaned out all the accumulated cruft in the document to better see where we are in completion of the report.

  • No labels