...
Working Group Updates
- InCommon TAC (David B)
- Consultation for REFEDS Access Entity Categories Deployment Guidance
(more for CTAB in next agenda item) - Charter for InCommon Federation Proxies Working Group
- A continuation of over two prior years of effort looking at proxies, which are a common architectural pattern on resource provider side especially for research orgs (such as LIGO). There is a reliance on knowing the right thing to do. This is what AARC Blueprint helps codify this info. It includes policies and practices. Perhaps InCommon should highlight that. Goal is to amplify and raise awareness.
- “AARC Blueprint…a clear starting point”
- New AARC project (AARC-TREE) to update AARC: https://www.egi.eu/article/aarc-tree-kickoff/
- As we introduce recipe books to help fill the gap, we can start from the AARC Blueprint
- The AARC blueprint is being refined, a 2-year project
- Today InCommon assigns SP to any proxy.
- Perhaps InCommon should recognize proxies as a different actor from other SPs
- Consultation for REFEDS Access Entity Categories Deployment Guidance
- FIM4R is also looking at the proxy space
- Is REFEDs looking at the proxy space also?
- Not this year, perhaps in the future.
- InCommon Steering (David B)
- InCommon leadership described several threads of new work to implement the goals and recommendations in the InCommon Futures2 report, https://internet2.edu/wp-content/uploads/2024/03/InCommonFutures2-Strategy-Report-March2024.pdf including reallocation of resources for the new initiatives. Theme of broadening the InCommon community. Collaborative work among institutions will be key. Want to keep the broad community informed as we move along in implementation.
- (sub-points here not for published notes)
- “Refresh IAM function and architecture blueprints for unique research and higher education use cases” & align CTAB & other advisory group work plans with that goal
- “Partner with at least one HE consortium interested in enhancing their curricula’s through leveraging shared infrastructure for access to shared courses”
- “Partner with key Federal Agencies” - shareable toolkit & training; foster resources leveraging InC
- CACTI: (Gabor & Richard)
- Discussion about next steps for NGCWG (Next-Gen Creds Working Group)
- Discussion about InCommon as a Trust Registry for Entities participating in a world of Verifiable Credentials (as suggested by Dmitri Z. from Digital Credentials Consortium). Likely a new CACTI working group will be formed to compile requirements.
- Discussion about eduRoam
- Directing eAC (eduRoam Advisory Committee) to develop baseline expectations for eduRoam. Will be advised to reach out to CTAB due to our experience with such a process. (Might include potentially pivoting from non-TLS RADIUS protocols to improve security)
- NIST 800-63A comparison to RAF2 IAP/high
- White paper initially complete, out to a few informal readers for feedback
- Hope to come back to this at a future call
Deployment Guidance for REFEDS Access Entity Categories (Albert)
- Announcement: https://incommon.org/news/incommon-federation-community-consultation-through-april-30/
- Please provide your feedback
- Potential CTAB implications: this is being put forward as best practice. Will CTAB in the future want to advocate adherence as a community?
SIRFTI 2 - introducing into Baseline Expectations? (Albert)
- Impact, timing
- Difference between SIRTFI 1 and SIRTFI 2 is around requirement for practitioner to respond to incidents
- Albert suggests that as part of attestation to baseline expectations, we ask orgs to acknowledge adherence with SIRTFI 2.
- This is part of the next chapter of operationalizing baseline expectations.
- This would involve a community consultation to be sure the community wants this addition of SIRTFI 2 to the attestation.
- AI - Albert will create a written proposal on this approach
...