MACE conference call, April 9, 2001

*MACE conference call, April 9, 2001*

*Attendees*

Bob Morgan (chair) - Washington
Jim Jokl - Virginia
Ellen Vaughan - Internet2
David Wasley - UCOP
Keith Hazelton - Wisconsin
Mark Poepping - CMU
Ken Klingenstein - Colorado/Internet2
Ben Chinowsky (scribe) - Internet2

*Discussion*

The call opened with a discussion of code licensing and maintenance issues around Shibboleth and PubCookie, the Web initial sign-on (ISO) package that the University of Washington is making available for use with Shibboleth. The basic choice here is between the GNU/Linux and FreeBSD styles of licensing; the former, to be used for PubCookie, requires that products based on the licensed code also be open-source; the latter, used, for example, for MIT Kerberos, allows licensees to incorporate the code into proprietary products. Mark pointed out that the BSD style works well when the behavior of the code has already been described, and suggested that it would be good if all the pieces of Shibboleth could be brought together under the Internet2 intellectual property aegis. Which form of licensing will be used for Shibboleth has not yet been decided. There was general agreement that a good model for code maintenance would be for Internet2 to host an archive, but for as much as possible of the work of coordination and maintenance to be done by someone on a campus, with the particular individual and campus responsible possibly changing over time. It was noted that these issues will take on increasing importance as Internet2 releases more and more software; Mine Sakurai's Certificate Profile Maker is one likely near-term example. [AI] Ken will convey MACE's thoughts on code licensing and maintenance to Internet2.

MACE agreed to form a new working group devoted to Web ISO issues. Keith said that Wisconsin will be "charging full speed ahead on implementation"; [AI] Keith will find someone to run the MACE-WebISO phone calls. [AI] Ken will notify MACE when the MACE-WebISO list has been set up.

There was a short discussion of possible approaches to the problem of root cert download. Eric Norman has pointed out the relevance of ACAP (Application Configuration Access Protocol, ftp://ftp.isi.edu/in-notes/rfc2244.txt) and BEEP (Blocks Extensible Exchange Protocol, ftp://ftp.isi.edu/in-notes/rfc3080.txt) to this problem. Mark argued that the main question here is whether certs should be stored in a shared filesystem (as in Win2K) or a cross-platform object store (as in ACAP), and pointed out that even limited multi-vendor filesystems can be very useful for prototyping. Ken expects several approaches to root cert download to emerge in response to the NSF middleware solicitation; in particular he expects at least two proposals for a shared filesystem, from OpenAFS and Globus.

Ken provided an update on the NSF middleware solicitation. It now appears that Globus will be submitting a proposal separately from Internet2; their hope is that NSF will be able to support both. Microsoft seems willing to support Internet2's proposal, and tomorrow Ken will be discussing it with IBM's Brian Carpenter and Stu Feldman ("it's not like they're sending the B-team out"). Making use of campus teams will be a hallmark of the Internet2 proposal. The white paper that Ken helped write to accompany the solicitation is now at http://www.cise.nsf.gov/anir/mwir_whiteppr.htm. Last week there was a Federal interagency conference call about middleware coordination; the agencies appear to be enthusiastic about working with higher education. Ken will be at a face-to-face interagency meeting tomorrow.

There was a discussion of the issue of vendor participation in I2-MI conference calls. While there was some concern that such participation could lead to unwanted intellectual-property claims, it was agreed that as the minutes of the calls serve as documentation of prior art, it would be hard for anyone to claim ideas developed in the calls as patentable. Bob argued that contribution to the work should be the criterion for participation; "we want people to take our ideas and implement them". Bob related a conversation with Microsoft's Todd Needham in which Needham asked why more people weren't coming to Microsoft and asking it to make things available to higher education, as has been done with e.g. iPlanet. It was noted that growing corporate participation might necessitate more work on decisionmaking processes. Ken noted that the ranks of Internet2 corporate members continue to swell, NASDAQ being among the latest to join.

The first biweekly conference call of the Internet2 Video Middleware group is scheduled for April 17; lots of interesting ideas have been put forward for both short- and long-term projects. [AI] Ken will follow up with Ted Hanss on the possibility of arranging a discussion between MACE and Microsoft on video issues.

Internet2 is continuing to receive requests for guidance on OIDs management. [AI] Ken will incorporate David's comments into his OIDs-management document. [AI] Bob will give OIDs management 10 minutes of the agenda for the next MACE call.

Finally there was a Shibboleth update. There will be a Shibboleth working meeting in Ithaca on May 8, the day before the CSG meeting starts. Work is underway on the call for participation in the pilot phase. Ken reported that IBM's commitment to Shibboleth seems "stronger than ever"; they're thinking more about how WebSEAL fits in, and are planning to produce a document explaining how WebSEAL will add value to the open-source version of Shibboleth.

*Action Items*

[AI] Ken will convey MACE's thoughts on code licensing and maintenance to Internet2.
[AI] Keith will find someone to run the MACE-WebISO phone calls.
[AI] Ken will notify MACE when the MACE-WebISO list has been set up.
[AI] Ken will follow up with Ted Hanss on the possibility of arranging a discussion between MACE and Microsoft on video issues.
[AI] Ken will incorporate David's comments into his OIDs-management document.
[AI] Bob will give OIDs management 10 minutes of the agenda for the next MACE call.