Minutes
Attending: Matthew Brookover, Judith Bush, Janemarie Duh, Matthew Economou, Heather Flanagan, Les LaCroix, Mary McKee, Steve Premeau, Mark Rank, Keith Wessel
With (Also Starring): David St. Pierre Bantz, Johnny Lasker, Nicole Roy, David Walker, Ann West, Albert Wu, Steve Zoppi
Regrets: Eric Goodman
Status Updates
- T&I and Ops Updates
- NIH has started sending notices to individual users (not necessarily IT people) about their new requirements. InCommon is about to send notices to affected IdP administrators.
- Cirrus is also posting some information (mostly linking back to InCommon).
- Albert posted NIH eRA MFA Requirements Readiness Guide for IdP Operators in the chat.
- NIH has started sending notices to individual users (not necessarily IT people) about their new requirements. InCommon is about to send notices to affected IdP administrators.
- Working and liaison group updates
- David Bantz reported that Baseline Expectations is moving along well.
- Interestingly, there were more questions in recent office hours about integrating Azure IdPs into InCommon than about Baseline itself.
- David Bantz reported that Baseline Expectations is moving along well.
Time to think about nominations and election
- We usually advertise the nomination process in October.
- Opportunities for outreach
- There is an existing "how to participate" page in InCommon's web site. We can tailor and promote it for this year's recruitment.
- There’ll be an IAM Online for TAC in the not-too-distant future. Selection of which working groups to involve will be in September.
- Ann said a heads up can be added to the August newsletter.
Next chapter to InCommon Discovery Service
- Albert reviewed the options in Discussion: Next Steps for the InCommon Discovery Service. TAC to be aware of the issues and advise Steering.
- The options outlined for InCommon are:
- A: Drop any central InCommon support for InCommon (i.e., continue our position that SPs should use embedded discovery)
- Mary observed that creating an embedded discovery is intimidating for SP operators.
- Nicole observed that MDQ makes embedded discovery (option A) less sustainable than when InCommon first adopted that strategy.
- B: Continue to support InCommon's central discovery service
- The group was unanimous that option B is not the right one.
- C: Encourage use of Seamless Access, possibly also hosting a portion of its infrastructure
- The decision of whether to host a portion of the infrastructure is more business than technical.
- A: Drop any central InCommon support for InCommon (i.e., continue our position that SPs should use embedded discovery)
- The options outlined for InCommon are:
- TAC's recommendation is option C.
- A summary document will be written for Steering, including some thoughts about whether to support the infrastructure.
- Matthew Economou, Mary McKee, Mark Rank, and Albert Wu have volunteered to write a draft, although everyone is busy, so this will be in October.
- A summary document will be written for Steering, including some thoughts about whether to support the infrastructure.
Deployment Profile Recommendations - next steps
- There were only a few minutes left for this topic, but it was suggested that specification for testing come from a working group (or TAC subgroup), rather than InCommon Operations. Keith and Janemarie (in her role with the more general Federation Test Working Group) will discuss between now and the next TAC call.
EMail Updates
International, SeamlessAccess, and Browser Interactions updates
| Subject: | [TAC-InC] International, SeamlessAccess, and Browser Interactions updates |
|---|---|
| Date: | Thu, 12 Aug 2021 06:41:12 -0700 |
| From: | Heather Flanagan |
International Update
REFEDS continues to do its thing(s). SIRTFI, Assurance, Federation 2.0, and R&S continue to meet regularly, albeit with a slightly slower cadence over the summer. SIRTFI is focused on what needs to be in 2.0 (see the top of their meeting notes for the list under consideration: https://docs.google.com/document/d/1aP5R8FRP5r2YMy4P_TeyzK9Tb1I_fENU7b6vNEk3rGc/edit#) The Assurance working group is focused on the REFEDS Assurance Framework (RAF) 2.0, though most of the group's energy is probably in the MFA subgroup (which is on summer break).
R&S 2.0 meets roughy every other week, and the current focus is on a spec that does not focus on classifying the RP in anyway; instead, we're focused on the attributes being released. The current draft of the new spec, currently called Personalized Authorization (though that name is likely to change), will likely be ready for public comment in the September/October time frame.
SeamlessAccess
SeamlessAccess welcomed a new publisher, Emerald Publishing, and is looking forward to the Journal of the American Medical Association and SAGE Publishing to be integrating with us as well.
Also, the SeamlessAccess Outreach team has released a new video, "SeamlessAccess and the User Journey." This video describes the early researcher point of view of federated authentication, and how Seamless Access makes the process much more straightforward and simple. Narrated by Georgetown University nursing student Esther Yang. You can find that video and others on the Learning Center page: https://seamlessaccess.org/learning-center/
Browser Interactions
The Federated Identity Community Group (fedidcg) had its first formal meeting on 9 August and has agreed to Heather Flanagan as chair and Tim Cappalli as co-chair. Meetings will be held on a biweekly schedule, alternating between EU/Americas-friendly timing and APAC-friendly timing. Our next call is 20 August and will drill down into making sure the participants are clear on the problem statement, as we've noticed that not everyone has the same understanding of what "tracking" means.
Meanwhile, browser vendors continue to do what they can unilaterally to address tracking concerns. Firefox has released Firefox 91, adding "Enhanced Cookie Protection" that will allow a user to clear all cookies set by a domain, as opposed to clearing all cookies for a domain. See https://blog.mozilla.org/security/2021/08/10/firefox-91-introduces-enhanced-cookie-clearing/ for more details.
And finally, one of the groups that has been working in the federation / browser space, the OIDF Browser Interactions special interest group, has officially closed in favor of the fedidcg.
Federation 2.0
| Subject: | Re: [TAC-InC] [External] International, SeamlessAccess, and Browser Interactions updates |
|---|---|
| Date: | Thu, 12 Aug 2021 16:44:11 +0000 |
| From: | Bush,Judith |
The Federation 2.0 working group is approaching completion of our report.
We’ve invited those who participated in the long journey (by attending working group meetings or the scenario writing workshop) to consider becoming authors To them, we noted ”news” that folks who left shortly after the scenarios would have missed:
First, we identified a thing that we all know about but we didn't have a clear term for. We've coined Academic interfederation to describe the global reach that participation in a national federation provides. Secondly, we suggest that the first step is that we establish effective global leadership, advocacy, and governance. Visible leadership at a global scale seems to be needed if we are to prevent many of the negative outcomes of the scenarios.
A static draft of where we are is at:
https://docs.google.com/document/d/1m3qN2w77kyvtMiXx3J4RxK6OGLSycTnQQ19wej8zZb4/edit?usp=sharing
Federation Test Working Group
| Subject: | [TAC-InC] Fed Test WG |
|---|---|
| Date: | Thu, 12 Aug 2021 12:53:40 -0400 |
| From: | Janemarie Duh |
Hello,
This isn't so much as an update but rather a note to ask whether we are good with the outcome from the last call? The way I remembered it was that we'd continue the conversation.
It feels like there might be more to hash out before we pass the work to Ops rather than to a working group. If anything, we need to tell the community that plans have changed.
Janemarie