Versions Compared

Old Version 8

changes.mady.by.user Emily Eisbruch (internet2.edu)

Saved on

compared with

New Version Current

changes.mady.by.user Emily Eisbruch (internet2.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

Tom Barton, U. Chicago
Ken Klingenstein, Internet2
Steven Carmody, Brown
Tom Zeller, U. Memphis
Ben Oshrin, Internet2
Ann West, Internet2
Emily Eisbruch, Internet2 (scribe)

HANDY LINKS:

...

  • For best practices for sharing Google docs, the instructional technology group at Brown is working on documentation, including best practices. The foundation of this work would be a Brown product, but it would be ideal to have community take ownership.
  • Ann remarked that the Brown experience could potentially make an interesting Advance CAMP presentation. 
  • Where should we post this information so folks know where to find it?
  • Documentation on replicating groups from Grouper to Google could be a contribution to the Grouper wiki. 
  • However, the federated Google docs usability documentation might been be a new category of information. 
  • TomB requests sensible guidance on how to get the word out and make the key information available. The ACAMP action item wiki is not intended to be a permanent home for such detailed information.
  • An  IAM online webinar would be a good idea, however that does not resolve the question of where to post information in the long term for the community's reference.
  • Could users of Google docs and Google groups create a group similar to an InCommon community group? Steven noted that there are many schools starting to do this work now, possibly including Michigan State and University of South Florida, who were at the 2010 ACAMP.

...

  • There are about 6 people involved in these conversations 
  • The plan is to make the API more complex as use cases arise 

...

Q: How should we inform the community about this work,  and promote others to consider adoption? 

 ================

- TomZ's Update

TomZ took the lead on the action item Determine How Federated Provisioning Should Work and Participate in SPML Standards Work to Support It

  • It’s difficult to pin this down and find a proper home for it. Thinking of moving under FIFER.
  • TomZ has been working with Chad re integration of Shib and Grouper for provisioning
  • They are considering creating a provisioning API of some sort 

Q: What would be the objectives for this effort? 

  • Possibly to implement the SAML change draft spec
  • The idea would be to have Shib support it and have LDAPPC consume these messages, using the new SAML approach 
  •  Not sure SPML is much of a player these days, although It’s there and we should support it.

Q:  What about change notification? 

  • There is an OASIS  change notification draft, (SAML V2.0 Change Notify Protocol Version 1.0), being supported by Oracle and Nokia Siemens:  http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-notify-protocol/v1.0/csd01/sstc-saml2-notify-protocol-v1.0-csd01.html
  • This draft supports various profiles 
  • We would write the Java code to handle the messages
  • Need to provide "wiring" (a source system plugged into an IdP)
  • This is based on a push model 
  • It’s a push system to tell a target that something has changed 
  • For example, U. Memphis tells Google Groups that something has changed, and then Google calls back and asks what  has changed
  • This is still in the discussion phase, no code is written 
  •  Would like to have a use case for initial implementation of design

Q: Where to put code or documentation that results from this work? 

A: TomZ: need to investigate licensing issues

Suggestion that TomZ discuss this work with Paul Hill.

 ================

Overarching Framework and Possible Gaps

Ken asked a two-part question:

1. Do the various parts fit together into an overarching framework? 

 and

2. Do we see gaps in the work?

Is the concept of federation an anchoring concept throughout the work on these action items? 

  • Steven noted that he is writing a vision document for the Brown the IdM system.  He sees that the IAM Diagram needs some updating, for concepts like social identities and VOs
  • IAM diagram is seen at http://www.internet2.edu/pubs/IAM-infosheet.pdf 
  • The vision of how things fit together has changed somewhat 
  •  But Steven does not see huge gaps, and he believes the overarching vision on that diagram is still valid
  •  The landscape includes research campuses, research labs , VOs , global interfederation, social identities.
  • Prior to 2011 Spring Member Meeting, Steven will be circulating his draft vision document to some set of people, many of whom are on the call. 
  • So Steven's vision document could serve as a trigger for thinking about how to update the diagram.Q: What about VO's? 
  • How much of the IdM work done to date has analogous developments in the research community? The diagram presents an enterprise view, but does it all have resonance for VOs? 
  •  Steven says, yes, VOs are operationally going to exist on some spectrum here. 
  •  Some VOs want to get as much help from central IT as possible, at the home campus for one of the PIs 
  •  Some VOs will want to do all the IdM work on their own 
  •  There will also be hybrids 

Onboarding

  • TomB stated that a possible "gap" area, needing more work is in the area onboarding, though "onboarding" may be an overused term.
  • Don’t want SSNs or Drivers License in the process 
  • But need to know: Is this a person we have a record for, or is this someone new? 
  • U. Chicago is working on this issue

 ================
Reflections on the Action Item Follow-Up Process

How should we change or improve the process of birthing and nurturing work items for the community?

Should we treat some differently than others ?

  • Benn: Don’t discourage people, but try to align ideas w problems someone needs to solve 
  •  Action Items driven by a campus need or a concrete use case fare better
  • Concerning a 2010 action item on which progress was not recorded on the ACAMP Action Item wiki... (  "Determine next steps for integration of social networking tools with campus IdM"), Steven noted that Chris Hubing at Penn State has in fact made substantial progress. http://thundercougarfalconbird.et-test.psu.edu/blog/
  • Ken noted that topics related to social networking tools could be excellent grist for the MACE/Salsa Dinner at 2011 SMM.
  •  
  • Q:  Is there interest in doing the same Action Item process again as an outgrowth of the  2011 ACAMP?
  • Consensus was that yes, this process was lightweight but it got the job done