MACE Call 9-June-08

**MACE Call 9-June-08**

**Attending**
RL "Bob" Morgan, U. Washington (chair)
Ken Klingenstein, Internet2
Steven Carmody, Brown U.
Jim Jokl, U. Virginia
David Wasley, independent
Michael Gettes, MIT
Leif Johansson, Stockholm University / SUNET
Ann West, Internet2/Educause
Diego Lopez, RedIRIS
Scotty Logan, Stanford U.
Renee Frost, Internet2
Nate Klingenstein, Internet2
Jens Haeusser, U. British Columbia
Neal McBurnett, Internet2
Steve Olshansky, Internet2 (scribe)

**Recent meetings**
- Shib CAMP
May 13-15 2008, Ann Arbor MI
http://www.educause.edu/camp082
This was an installfest for both IdP and SP. There were issues with the VM image that were instructive and have been corrected for use in the future. Everyone left with a working SP, and most also left with a working IdP. The Shib team learned a lot, and the train-the-trainer aspect was successful in that many committed to running one-day events for their respective regions. The plan is to make the VM image available on the website as a learning tool for anyone interested. The main focus ongoing will be on supporting those running their own events, more than holding more Internet2-sponsored events. Educause regionals are a possibility for holding some of these in the future as adjacent events.

There will be Swiss and UK installfests this Summer. See the wiki for more information: https://spaces.internet2.edu/display/ShibInstallFest

- CSG
May 14-16 2008, Ann Arbor MI
http://www.stonesoup.org/

- IIW (Internet Identity Workshop)
May 12-14, 2008, Mountain View, CA
http://iiw.idcommons.net/index.php/Iiw2008a
RL "Bob" attended. There were many attendees working in OAuth-related projects (oauth.net). Utilizing credentials from authoritative sources was also a topic of interest. Higgins is working on a "relationship card" as an extension of InfoCards. BeenVerified (beenverified.com) was also represented, and interested in OAuth. The ISOC Trust initiative was represented as well. OpenID Foundation and InfoCard Foundation have been recently launched.
http://openid.net/foundation/

- TERENA+Refeds
http://tnc2008.terena.org/
http://www.terena.org/activities/refeds/
May 18, 2008, Bruges, Belgium
REFEDS was the focus of a lot of discussion on interfederation. There has been a steering committee appointed for fostering this. The interest among the commercial sector centered around relationships with Liberty. EPTID seems to taking hold as the key attribute in this context. There will be a proposal submitted to TERENA detailing support requested and a near term funding model to support the effort.

- Federation Soup + SAMLorama
June 2-4, 2008, Seattle WA
http://middleware.internet2.edu/fedsoup/

There were 50+ attendees. Getting issues on the table was the primary focus, and it was a successful event. How to move more towards an effective interfederation model was a key area of interest. InCommon will likely serve as a hub for this in the US. The main action item was to form an affinity group for university state systems, which will start off with monthly conference calls.

K12 was also discussed, in the context of how best to interact with them. The EU privacy regulations were of interest, and suggested the need to think about aspects of the InCommon profiles (bronze/silver) related to privacy compliance, and how to work with those organizations who are not affiliated with InCommon.

There was also a small follow-on meeting (SAMLorama) addressing technical issues surrounding inter-federation interactions. This primarily centered around SAML profiles and metadata tagging. Notes from the meeting are in the wiki:
https://spaces.internet2.edu/display/dsaml/SAMLorama+Topics+and+Notes

Liberty Alliance was suggested as the logical forum in which to pursue related work ongoing, v. TERENA, but details are not yet worked out. Neither organization is pursuing interfederation yet. International outreach was also brought up as an important issue.

It was noted that XRIs and XRDS efforts were recently voted down by OASIS.

The Liberty Alliance Identity Assurance Expert Group (IAEG) was discussed, noting that EAP (Electronic Authentication Partnership) has folded their work into this activity, and it incorporates the US EAF Credential Assessment Framework.
http://www.projectliberty.org/liberty/strategic_initiatives/identity_assurance