Minutes
Attendees: Joanne Boomer, Andy Morgan, Matthew Economou, Grady Bailey, Björn Mattsson, Judith Bush, Marina Krenz, Steven Premeau, John Bradley, David Walker, Andrew Scott, Kathy Wright
Regrets: Mark Rank
Reps from other Groups: Judith Bush (CACTI)
Staff / SME: [at community exchange]
Scribes: Grady Bailey, Andy Morgan
Starting up 2024 WG’s
- Federation Proxy Working Group (Derek E)
- Will be a formal working group
- Federation Testing Working Group (Matthew E)—draft charter here
- Survey of existing audience - very high-level. Determine needs. Report delivered by TNC.
- Current good federation practice (beyond minimums). Unclear currently. Linked in “References” of draft charter.
- Ratings guide > Use survey and good practices as inputs - emulate Qualys SSLabs?
- Draft charter in-progress. Still work to do.
- Goal: If you’re an IdP or SP, how do you know if things are working
- Tools for advocating change within community
- Set a narrow scope so we can deliver over a short time-frame
- Three things to deliver now:
- How do we define what “works properly” means?
- Protocol conformance out of scope for testing - more concerned with higher-level
- Attribute release and consumption
- Goal is to create the Requirements document for “works properly” (ratings guide), not to implement or design the testing service itself
- Is this a formal working group or not? TAC says FORMAL
- SAML Subject Identifier Adoption Group (Joanne B)
- Draft guidance, then push adoption
- Should this be a formal group or not?
- Guidance for IDPs and SPs
- David Walker - should be formal group because implementation is next
- Does the formal process slow things down, especially when there may be conflict?
- Asking for community engagement is a great idea
- Now it’s time to ask people to get involved in specific working groups
- Grady Bailey - proxy WG
- Matthew - testing WG
- Bjorn - testing WG
- Andy M - Subject Identify WG
- David W - proxy WG
- Steven Premeau - subject identifier WG
- John Bradley - testing WG
- Marina - subject identifier WG
Community consultation logistics for * Access Category Deployment Guidance
- Formal consultation
- Albert thinks 15-30 days for this
- Judith - 30 days sounds right, 15 days is too short
- Rejections, modifications, etc
- When? Get Albert’s help
- Academic calendar consideration (May-June is a busy time)
- Consensus is 30 days
- Output of this would be good lead-in to the subject identifier WG
- Draft guidance doc
Updates
- FedCM community group (Judith)
- Trust is at the origin. Any page at the origin may request an authentication response. Sometimes multiple RPs at an origin
- Why are the SAML people sad?
- Proxy/chaining is really bad in FedCM
- How does the trust model map to what we have/need?
- https://wiki.refeds.org/display/GROUPS/2024-03+How+FedCM+does+not+support+SP+initiated+SAML+profile+as+alternate+binding
- Does “string” mean short or up to 100k?
- Current FedCM implementation is focused on third party cookies
Next Meeting @ March 21, 2024