MACE conference call, June 5, 2000

*MACE conference call*
Monday, June 5, 2000

*Attendees*

Bob Morgan (chair)
Michael Gettes
Neal McBurnett
Renee Frost
Paul Hill
Steven Carmody
Ken Klingenstein
Ben Chinowsky (scribe)
[others?]

*Discussion*

The meeting opened with a short discussion of publicizing the work of MACE; it was agreed that the new narrative-style minutes should be posted to the MACE web site.

This was followed by a discussion of Ted Hanss's email asking for feedback on the idea of Internet2 producing a Linux distribution, and for ideas about middleware items to include in such a distribution. It was noted that the scope of the proposed distribution has expanded well beyond the initial focus on the Web100 project. MACE had no suggestions for middleware components to add; there was also a sense that this project could easily require more time than MACE members have. There was agreement that if Internet2 is to pursue this idea, it should produce packages to be included in one or more existing distributions, rather than creating an entirely new distribution. Bob Morgan noted that many campuses are already producing their own distributions, and that while this could be a source of opportunity, it could also make it harder to achieve wide distribution of any Internet2 Linux packages. [AI] Ken will convey to Ted the group's consensus on the Linux distribution.

The discussion then moved on to directories. First was a discussion of work on a "gridPerson" schema. Ken has received mail from the Chair of the Grid Forum's Grid Information Services Working Group (GIS-WG), Gregor von Laszewski, about coordinating with MACE's eduPerson work. The gridPerson work so far resembles eduPerson in having few new attributes, but defining existing attributes very carefully. Unlike eduPerson, the gridPerson draft has little advice on how to make use of those attributes. Ken noted that it is likely that there will soon be a proliferation of "small-g grids", and that the gridPerson work will be important in ensuring interoperability among them. MACE was interested in learning more details of this work; [AI] Ken will respond to Gregor with a list of questions arising from this conversation, suggest that the discussion be continued, and cc: the group. Michael offered to participate in this effort also.

Michael noted that most work on the directory-of-directories project is waiting on eduPerson, and that d-of-d could prove to be an important way of learning how to make use of it. Ken is supposed to write a one- or two-page document advocating increasing the number of participant schools, stating that we know the current model won't work in the long run, and listing problems; there was a discussion of those problems and what to do about them. [AI] Bob will send the group a list of directory-indexing references relevant to the directory-of-directories project. [AI] Ken will write a one- or two-page document on the directory-of-directories project, arguing that "federated directories" would be a better label and discussing the pros and cons of turning the project into a service. The two functions of this document will be to make sure everyone is on the same page, and to gather resources. [AI] Sometime in the next few weeks Michael will send MACE-Dir the LDAP recipe he has been working on.

Next was a brief update on the Shibboleth project. June 15 is the target date for completion of the survey; IBM is wondering what's happening, so Ken recommended that the project go forward as soon as four or five completed surveys have been received. So far surveys have been received from MIT and Georgetown; Bob is working on the survey for the University of Washington.

The next topic discussed was PKI. Ken noted that support is coalescing around HEPKI; in particular, EDUCAUSE is setting up a web site for HEPKI, and there is a lot of interest in having HEPKI work closely with net@EDU. Standing conference calls have been set up for HEPKI-TAG and HEPKI-PAG. HEPKI-TAG is working in four main areas: profiles, mobility, open-source issues, and working with CREN on a CA survey. HEPKI-TAG expects to have collected five or six profiles within the next ten days; they will work through them field by field to find consistencies and inconsistencies and their causes, and write up a report. The result will need to be compared with eduPerson. The CREN surveys have been finished for three schools, with three more in process. A related proposal has been submitted to the NSF, but it is unlikely that anything will be heard from them soon; NSF is planning a (possibly external) review of all submitted middleware proposals. As well as working on a certs policy, HEPKI-PAG is exploring ways of educating state legislatures on different alternatives for trust models for public universities. A conference of state CIOs is coming soon; HEPKI-PAG wants to make sure they know that the approach recently adopted by the states of Washington and Texas is not the only one possible.

In other PKI work, the Federal PKI working group is in the middle of an intense discussion around technical vs. legal interpretations of nonrepudiation; this will be coming to a vote soon. CREN has been discussing certificate validity periods. There is an Ed/Fed PKI meeting coming up on June 22. Ken asked for and received the group's consensus that PINE [cap?] is going to be a trendsetter and that therefore I2-MI should work with them. The RFP for the Internet2 PKI Labs is going out at the end of this week; Lucent engineer Neal McBurnett is on loan to Internet2 half-time and will be working on this. More certificate profiles are urgently needed; [AI] Paul will ask Jeff for the MIT certificate profile and send it to Ken.

Ken gave a short NACUBO update; he is confident that they understand the importance of directories. More broadly, some recent conversations with EDUCAUSE have ensured that groups like NACUBO that work with EDUCAUSE will be pointed to I2-MI for collaboration on directories.

Next was a discussion of past and future meetings, of which there are many. JA-SIG is having a big meeting in Monterey in July; Ken and Michael believe this conference will be oriented to getting JA-SIG into areas of work other than portals. [AI] Steven will check with Andy Newman on the status of implementation and documentation of security components in JA-SIG. Michael recently gave Ken's PKI presentation to a European gathering composed of about half academics and half central-IT types, and met with general approval; they want to do LDAP directories. Ken is going to a conference in Leyden, Netherlands, which is centered on understanding middleware from the perspective of making mobile Web phones work. [AI] Ken will send the program for the Leyden conference to the MACE list. Ken recommended a session that has been scheduled with the U. of Texas legal staff at the August Snowmass meeting; EDUCAUSE will hold a PKI meeting immediately after the main Snowmass meeting. There is a big NGI workshop at NREN in August; they have funds for travel and are looking for participants. [AI] Ken will send the URL for the NREN workshop to the MACE list. Bob will be at the upcoming Burton "Catalyst 2000" conference, and Renee has recently arranged a reduced-rate Burton membership for the Early Adopters group. Finally, Mark Luker has asked Michael to do a directories presentation at the October EDUCAUSE conference. Michael is interested in doing this, but may have a conflict.

Finally the group considered next steps for H.323 in general and MACE's use of it in particular. [AI] Ken will contact Tyler Johnson about getting him on one of the MACE calls to discuss directories and authorization for H.323, with a view to contributing to the RFC he is working on with Mary Fran Yafchak. Ken noted that Bob Dixon had confirmed that it is possible to join an H.323 call from (for example) an airport pay phone, which is key to the usefulness of H.323 to MACE. [AI] Ken will send out a schedule for MACE calls for the rest of the summer, targeting one around August as an H.323 call; he will also send out the URL for the ViDe cookbook. [AI] Renee will send out the URLs for Bob Riddle's Internet2 H.323 page and Bob Dixon's page discussing recommended H.323 equipment.

[AI] Steven will forward to the group a document he is getting from Netscape about a 200,000-user authentication system they are developing.

The next regularly scheduled MACE call will be on Monday, June 19, at 8:30pm GMT = 4:30pm EDT = 1:30pm PDT. Ken K. will be in the UK but will try to join the call.

*Action Items*

[AI] Ken will convey to Ted the group's consensus on the Linux distribution.
[AI] Ken will respond to Gregor with a list of questions arising from this conversation, suggest that the discussion be continued, and cc: the group.
[AI] Bob will send the group a list of directory-indexing references relevant to the directory-of-directories project.
[AI] Ken will write a one- or two-page document on the directory-of-directories project, arguing that "federated directories" would be a better label and discussing the pros and cons of turning the project into a service. The two functions of this document will be to make sure everyone is on the same page, and to gather resources.
[AI] Sometime in the next few weeks Michael will send MACE-Dir the LDAP recipe he has been working on.
[AI] Paul will ask Jeff for the MIT certificate profile and send it to Ken.
[AI] Steven will check with Andy Newman on the status of implementation and documentation of security components in JA-SIG.
[AI] Ken will send the program for the Leyden conference to the MACE list.
[AI] Ken will send the URL for the NREN workshop to the MACE list.
[AI] Ken will contact Tyler Johnson about getting him on one of the MACE calls to discuss directories and authorization for H.323, with a view to contributing to the RFC he is working on with Mary Fran Yafchak.
[AI] Ken will send out a schedule for MACE calls for the rest of the summer, targeting one around August as an H.323 call; he will also send out the URL for the ViDe cookbook.
[AI] Renee will send out the URLs for Bob Riddle's Internet2 H.323 page and Bob Dixon's page discussing recommended H.323 equipment.
[AI] Steven will forward to the group a document he is getting from Netscape about a 200,000-user authentication system they are developing.