*MACE Conference Call*
April 18, 2005
*Attendees*
Bob Morgan (chair) - Washington
Ton Verschuren - SURFnet
Diego Lopez - RedIRIS
Michael Gettes - Duke
Steven Carmody - Brown
Renee Frost - Michigan/Internet2
David Wasley - independent
Steve Olshansky - Internet2
Tom Barton - Chicago
Scott Cantor - OSU
Lynn McRae - Stanford
Paul Hill - MIT
Mark Poepping - CMU
Keith Hazelton - Wisconsin
Nate Klingenstein (scribe) - Internet2
*Discussion*
After reviewing plans for the Internet2 Member Meeting and the eduRoam summit immediately following it, the group discussed planning for this summer's CAMPs (see http://www.educause.edu/camp052 and http://www.educause.edu/camp053). Past CAMPs have generated many requests for a vendor presence; the committee is considering adding a set of one-hour vendor presentations on Wednesday afternoon. In addition to giving CAMP attendees information about commercial identity management solutions, this could provide an opportunity for the constituencies represented at CAMP to give vendors a better sense of the main issues they face.
Jim Jokl asks that MACE review the HEPKI-TAG-approved PKI Lite Certificate Policy & Practices and Certificate Profiles at http://middleware.internet2.edu/hepki-tag/#PKI_Lite. It's not clear what E-Auth LoA PKI-Lite end-user authentication would map to, if any -- Level 2 at most, but perhaps not even Level 1.
Walter has been working through the arduous process of testing the Shibboleth 1.3 prototype IdP for interoperability with E-Auth-approved service providers. This focus is due to the primary use case of campuses using Shibboleth for access to Federal web sites; use cases involving Shibboleth SPs are further down the road, and further interop testing is being planned accordingly. The Shibboleth 1.3 release is currently planned for around the beginning of June. It was also noted that feedback from MACE would be much appreciated by the people working on USPerson.
SCHAC (http://www.terena.nl/tech/task-forces/tf-emc2/schac.html) expects to have an initial set of attributes to propose soon; Diego has been working on collecting schema from a half-dozen or so European countries. There is interest in DANTE in using harmonized schema to support the projected "Premium IP" and "Bandwidth on Demand" provisioning services.
Finally there was a short discussion about authentication and metasearching. The vision here is that campuses could deploy metasearch products that would accumulate materials from many different information resources; the campus might also mediate actual access to these resources. Clearly this raises all sorts of business-model and licensing issues. Shibboleth seems well-suited to doing access control in this context. Steven noted that there's a lot of curiosity about how Google's role in this is likely to evolve.