InCommon TAC Meeting

...

Minutes - June 25, 2015

Thursday, June 25, 2015
1:00pm ET | 12:00pm CT | 11:00am MT | 10:00am PT

Dial-in Information

+1-734-615-7474 (preferred) (use this number unless you pay for long distance)
+1-866-411-0013 (US and Canada) (use this number if you pay for long distance)

Access Code: 0139713#

eDial: http://edial.internet2.edu/call/0139713

SIP: sip:session_0139713@edial.internet2.edu

If you are on a phone lacking a mute button, you can mute your phone via eDial by pressing ##1. To unmute, press ##1 again.

Agenda

Note: TAC Minutes being taken live now!
  1. Please review carryover action items
    1. See this marked up list of action items
  2. Acceptance of minutes from TAC Meeting 2015-06-11
  3. Federation Interop WG: Scoping and other issues (Discussion with WG Chair, Walter Hoehn)
  4. IdPoLR update and next steps (Ann, Keith)
  5. Issues regarding Metadata for the InCommon Steward Model (David, Mike Zawacki, TomS)
  6. (your agenda item here)

Informational Items

  1. Research & Scholarship activity since June 11, 2015
    • The following SP has been approved for R&S: None
    • The following IdPs have declared support for R&S:
  2. SAML Software Requirements
  3. (your info item here)

Carryover Action Items

  1. Steve Carmody will draft a wiki page outlining the steps involved in creating a category
  2. John will discuss with TAC how the Google OpenID Gateway might be operated and/or funded
  3. TAC will develop a recommendation for the potential necessary resources for eduGAIN implementation.
  4. John and Steven will review the Phase 2 Recommendations and propose to TAC a list of items that need to be addressed as a result of accepting the Recommendations
  5. John Krienke will distribute a list of outcomes related to the MD-Distribution recommendations
  6. John Krienke will implement a policy review regarding whether SP registration of keys could be made optional.
  7. Steve Carmody and John Krienke - Take to Steering for a policy discussion the issue of maintaining/guaranteeing the strength of the trust fabric through proactive scanning and probing of entities on behalf of the federation and its participants.
  8. Scott Cantor will continue to push discussion of the Affiliation-Based Access category and a library services category (proposed by SWITCH) and represent the TAC’s support for both.
  9. Ann West will bring up with the InC-Student working group the issue of R&S attribute release and its relationship (or not) to students who invoke the FERPA opt-out.
  10. Tom Scavo and Tom Barton will work on making available to campuses the InCommon scripts used to identify SPs with endpoints that are not compatible with SHA-2.
  11. TAC members will review the original strategic priorities document and propose priorities for the rest of 2014.
  12. Tom Barton, Chris Misra, and Nick Roy (should he accept), and one or two members of Assurance Advisory Committee (AAC) (should they accept) will develop a list of first steps that InCommon might take vis a vis future security issues like Heartbleed.
  13. Steve Carmody will contact Nick Roy and the AAC leadership about participating in the Heartbleed group.
  14. Steve Carmody will initiate the process of developing a working group to deal with the larger gateway and interfederation issues.
  15. Steve Carmody will compare the priorities spreadsheet discussed today with the original TAC document on InCommon strategic priorities and call out major differences
  16. Scott, David, and TomB will reformulate the text in section 7.2 of the FOPP. The group will also look at the text in section 9 in light of the Google Gateway and eduGAIN but that may be deemed out of scope initially.
  17. Ann will keep TAC in the loop with respect to the Steering group working on eduGAIN policy issues.
  18. Steve C. will send a note to Nicole Harris asking that she accept proposed changes through the end of August.
  19. John K. will ask Comodo about moving to support SHA2 in the other CAs, specifically to meet a Microsoft deadline of January 2016.
  20. Steven Carmody and Keith Hazelton (and whomever else wishes to) will edit these for clarification and to send to Steering Program subcommittee.
  21. Prior to the break, Steve Carmody will develop a scope of work for an “eduGAIN punch list”
  22. Steve Carmody will communicate the Alternative IdP Working Group final report and recommendations to Steering.
  23. Steve, Ann, Dean and Michael will draft a proposal to address TAC member responsibilities, TAC transparency, and related processes.
  24. Steve Carmody will send email looking for a chair for the MD Distribution WG
  25. Ann will talk to Jacob Farmer about participating in developing the charter for the Baseline Practices WG.

  26. Keith Hazelton and Ann West will edit the appropriate pages to make clear that URLs are as good and possibly better than URNs for entitlement values, etc. They will also add a page to the wiki that makes the case for URLs over URNs.

  27. Steve Carmody and Nick Roy will recruit non-usual suspects to join the Best Practices Working Group. We need to make sure that these baseline practices are achievable for smaller institutions.

  28. Nick Roy will outline the predecessor/successor relationships among the priorities to determine sequence and need-by dates. David and Ann will assist. This will be circulated to TAC and AAC.

  29. Tom Barton will develop a WG charter re: how to coordinate incident response

  30. Paul Caskey will take charge of this goal “Making Federation Easier”

  31. Steven Carmody and Michael Gettes will develop a short white paper to document the requirements and goals related to attribute release.

  32. Those on the TAC call voted to accept the External Identities WG report. Steve Carmody will send email to the TAC list asking for confirmation from those not on the call, and also include information about next steps.
  33. Dean Woodbeck will consider where to publish the External Identities Working Group report.
  34. Steve Carmody will take the External Identities report, along with recommended next steps, to Steering.
  35. Steve Carmody will send email to the TAC list seeking confirmation of acceptance of the IdP of Last Resort WG report from those not in attendance.
  36. Steve Carmody will send email to the TAC list asking for approval of the revised Federation Interoperability WG charter.
  37. Steve Carmody will contact Jacob Farmer (chair of the AAC) asking the AAC to begin work on the Trustmarks WG, including the POP replacement.

Minutes

Attending:  Keith Hazelton, Steve Carmody, Ian Young, Chris Misra, Scott Cantor, Jim Jokl, Mike LaHaye, Steve Olshansky, David Walker, Paul Caskey

With: Tom Scavo, IJ Kim, Walter Hoehn, Ann West, Nate Klingenstein

...

Action Items

...

The carry-over action item list has become very long. These are now located in a Google Doc.
https://docs.google.com/a/internet2.edu/document/d/1DSaqyEED55BVLC9dfUqPAf2bQAhPqO0y0inf60T6B08/edit

...

from

...

this meeting

(AI) Ann West will develop a service-level agreement concerning the IdP of Last Resort for Leif Johansson and UnitedID

...

(AI) David Walker will summarize the recommendation for registration information for entities registered by InCommon Stewards

Minutes

The minutes from the June 11, 2015, meeting were approved.

Federation Interop Working Group

Walter Hoehn joined the call and has agreed to chair this working group. He said his immediate order of business is to distribute a call for participation. There was discussion about the scope of the group and how widely to cast the net for participants.

...

In terms of scope, Ann mentioned that the end results should include that the working group define a testing mechanism for participants to know if they are doing the right thing, and that the WG develop clear requirements for interoperability. There was discussion at the latest REFEDS meeting about a combined approach for testing and for a testing facility for IdPs and SPs.

IdP of Last Resort Working Group

Leif Johansson of SUNET is involved in the UnitedID service, which could be a candidate as an IdP of Last Resort. He has reviewed the WG requirements for an IdPoLR and believes UnitedID is close, but does not quite meet all of the requirements. Ann has discussed ramifications for support and delivery, should InCommon adopt UnitedID as an IdPoLR. Leif asked for a service-level agreement (SLA) to document the InCommon expectations, (AI) which Ann will do. Leif also would like a proposal to REFEDS for such an IdP to be included in eduGAIN metadata but not be part of any individual federation. (AI) Keith Hazelton will follow up on that.

InCommon Steward Model

David Walker discussed the status of the InCommon Steward model, which is underway with MCNC. See the wiki for details of the issues under discussion (https://spaces.at.internet2.edu/display/inctac/Metadata+for+the+InCommon+Steward+Model).

The model allows for a regional to take on some of the registration authority tasks from InCommon and allow their constituents to join InCommon. The Steward would be responsible for K-12 entities, but in some cases the Steward organization name will not match the domain name. For example, the Steward is MCNC, but the domain name is DPSNC (Durham Public Schools). This is important to InCommon because the entity DPSNC will show as being registered by InCommon.

David and Jim Jokl outlined three options for listing the registration information for such metadata and asked TAC for opinions. Those options are:

...

This was discussed in the New Entities WG and Jim Jokl proposed that it would be best to choose “A” unless there is reason to believe that the regional is not following the Registration Practices Statement. The TAC consensus was to move forward with A and ensure that everything is documented properly. (AI) David will send a summary to the TAC email list for any response.

Next Meeting - July 9, 2015 - 1 pm ET

...
