MACE conference call, August 14, 2000

*MACE conference call, August 14, 2000*

Bob Morgan (chair)
Renee Frost
Michael Gettes
Neal McBurnett
Ken Klingenstein
Ben Chinowsky (scribe)

*Discussion*

Bob opened the meeting by asking that [AI] All MACE members should submit their votes for the next MACE member. Few votes have been received so far.

Next were updates on Shibboleth, eduPerson, the LDAP recipe, directory-of-directories, and HEPKI. Last week Bob had a good conversation about Shibboleth with IBM (Blakely, Simpson et. al.) Steven has already done a first pass summary of the Shibboleth surveys and sent a pointer to the summary to the Shibboleth list.

The eduPerson group has reached agreement on all but the details of the EPPN. Keith announced that v0.9 will be posted soon, with the aim of having it vetted and being able to declare 1.0 in time for the Fall Internet2 Member Meeting. Michael's LDAP recipe is now at 1.1, and will be released about a week after eduperson 0.9. [AI] Renee will set up an eduperson-comments@internet2.edu or similarly named list for discussion of both the main eduPerson document and the LDAP recipe. Eduperson will also be presented more formally to AACRAO and similar bodies; the LDAP recipe will be discussed on IETF lists and in an August 24 EA conference call.

Bob has recently spoken with Roland Hedburg about the directory of directories work, and "he is pleased to work with us". Hedburg's index tool is being used for d-of-d-like stuff in Scandinavia; legally the software is an asset of his (one-man) company. He has asked Ken if there is a way for Internet2 to work with him as an institutional member, so that Internet2 and the users will know what they're getting. Hedburg's implementations are standards-based, and make use of both LDAP and other directory services. Exchange of indexes is the main idea; [AI] Bob will try to get Hedburg to provide a more detailed description of his work.

Next was a review of the recent PKI meeting at Snowmass. Turnout at Snowmass was good. Casey put forward a DST proposal for outsourced certs and registration capability. Neal liked Casey's emphasis on "the 3000 universities that weren't there"; Casey will be producing a straw-man document to turn over to university folks to see if there is interest in DST's product, and to clarify what advice is needed by the large mass of potential customers when they deal with vendors. VeriSign never showed up at Snowmass. The Irish company Baltimore presented their services and talked about the work they'd done for the Feds; their talk was a follow-on to Guida's. Baltimore was very interested in marketing to the group at Snowmass. Frank Grewe discussed work at the University of Minnesota; they are using magnetic cards for directory access, and are just starting very-small-scale PKI pilots. Judith presented a CREN overview, and Bill Weems talked about work at Galveston Medical Center. On the second day the group worked Ken's 4-D grid; this was helpful in getting a grip on what the Federal agencies are doing, as they've written their own CPs. A task force is needed to look at these CPs and get together with the Feds and the lawyers. Ken, David and Clair have agreed to chair such a group. The aim is to assemble this group within the next 3-6 weeks, then get them into a room for 2-3 days to come up with a higher-education policy that will work with the Feds and satisfy the lawyers. The task force will meet in the DC area. Ken aims to get Casey on this committee.

After the summit meeting, a HEPKI-TAG meeting reviewed a certs-in-browers document that Michael has been working on with Dave Ladd of Microsoft. Michael would like to come to one arrangement encompassing both Netscape and Microsoft, but he thinks that is unlikely. Neal suggested running Michael's certs-in-browsers document by Jeff Schiller, and Bob suggested the IETF sacred (Secure Access to CREDentials) BoF as another venue. Ken is drafting a related document.

There was a short discussion of the status of the I2-MI NSF proposal. The proposal has not been sent out for review by NSF. Messerschmitt et. al. are reviewing CISE; they appear to support I2-MI's emphasis on working on the PKI fabric as vs. just individual components. NSF's inaction is somewhat puzzling. Ken is working on developing funding from within Internet2, and is hoping to get some answers on the necessary process sometime in the next two weeks. While NSF support would be very nice, I2-MI will be able to get along OK without it.

In medical middleware work, Ken has assembled a few names for the MACE-Med group, and Mary Kratz is organizing related meetings. HIPAA is finalized, and healthcare.org is now online. [AI] Ken will forward medical-middleware-related information to the MACE list. Healthcare.org has compiled dueling articles on the imminence/remoteness of PKI. If anyone has contacts at institutions that are integrating their medical schools, please forward them to Ken.

Finally, Ken noted that he is tracking down the OID issue discussed in HEPKI; a fix is required for the problem of it taking two months to get an OID.

*Action Items*

[AI] All MACE members should submit their votes for the next MACE member.
[AI] Renee will set up an eduperson-comments@internet2.edu or similarly named list for discussion of both the main eduPerson document and the LDAP recipe.
[AI] Bob will try to get Hedburg to provide a more detailed description of his work.
[AI] Ken will forward medical-middleware-related information to the MACE list.