MACE conference call, December 18, 2000

*MACE conference call, December 18, 2000*

*Attendees*

Bob Morgan (chair)
Jim Jokl
Neal McBurnett
Ken Klingenstein
Renee Frost
Steven Carmody
Keith Hazelton
Ben Chinowsky (scribe)

*Discussion*

The meeting opened with a review of action items. Neal is working on his contributions to the MACE document-handling proposal. Bob has exchanged mail with Von Welch about Von's prospective MACE membership, and will be speaking with him this week.

Ken relayed Michael's report from the FPKI directory meeting; the Feds support an "ecumenical version", with some support for dc naming. Bob noted that he and Jeff Schiller had discussed FPKI directory issues with Tim Polk. A directory-standards recommendation from FPKI is expected soon.

Bob noted that IETF-SACRED is still in the stage of trying to characterize the problems it hopes to solve. At the recent IETF meeting, Bob and Neal volunteered to provide use-cases from the universities; in turn, they are now looking for volunteers to help write these up. Ken noted that there is an opportunity here to get SACRED to address higher education's issues early on in its work. Neal noted that SACRED is entirely focused on the non-smartcard case; the core interest is the Password Derived Modulus proposal. It was agreed that, although this may not allow a trust level higher than Federal Basic, this level meets about 90% of higher education's needs, so participation in SACRED would be most worthwhile. Bob noted that a recent med-center break-in at Washington has stimulated interest in security there, which might make Washington a good place to look for someone to take a leading role in SACRED. [AI] Bob will contact HEPKI-TAG and ask them to let Steve Farrell know what use-cases TAG will be able to provide.

Keith reviewed work on eduPerson 1.0. Jan. 22 is now the target date for the official release of v1.0. Ken has been reviewing the IMS specs; they are very fine-grained, and the eduPerson group has decided not to try to work these into v1.0. [AI] Ken will try to arrange a discussion with the creator of the IMS specs at CSG. [AI] Keith will send the IMS doc out to MACE-Dir.

Bob discussed DoDHE with Roland Hedburg last week, and asked him to provide an executive summary of his recent work. Bob suggested doing some collective brainstorming about possible uses for DoDHE beyond simple lookups, and Ken noted that MACE-Dir had agreed to make DoDHE the main agenda item for the Jan. 22 MACE-Dir call. Sun's donation -- a very large enterprise-class server and 6 million DNs -- is now official.

Ken discussed the possibility of a .edu performance-metric object class for the Internet2 End-to-End Performance Initiative (E2EPerf), and Steven noted that the Grid Forum Grid Performance Working Group is taking an approach similar to E2EPerf's. Steven also noted a presentation in the Grid Forum Grid Information Service Working Group suggesting that SQL be used instead of LDAP for performance data; Ken noted that SNMP MIBs are also a likely rival to LDAP for this purpose.

Steven and new IBM Shibboleth project manager designee Marlena Erdos are revising the Shibboleth scenarios document; Steven is also working on an architecture document. They are trying to stay out of "tar pits" such as FERPA, and are aiming to solve problems with policy statements rather than technology wherever possible. [AI] Steven will try to get confirmation of Marlena's and Jim McConnell's participation in the Thursday morning CSG session. [AI] Steven will send out information on RedIRIS's approach to the problems Shibboleth is addressing.

Ken noted that he will be attending the Hawaii Joint Techs meeting and doing a "why you should be doing this" plenary at the APAN meeting immediately following.

Finally there was a long discussion of the growing need to find staff and other resources for MACE-intersecting work, including both ongoing projects like Shibboleth and new ones such as MACE-Med and bringing K-12 into Abilene. Staffing suggestions included internships, "fledgling IT architects" on the campuses, and grad students on half-time research associateships. In general, few people appear to be available; Ken observed that "the staffing is harder than the money". There was general agreement on the particular importance of finding an effective strategy for building support organizations. Steven cited Shibboleth as a key example of this need: the first few implementers will gain expertise, then this expertise will need to be diffused to the 180+ Internet2 schools, and then to the thousands of EDUCAUSE schools. Keith offered the analogy of a plant raised in a hothouse -- if it is not transplanted, it will die. Similar implementation concerns have been raised about Globus. MACE discussed the possibility of organizing a group of consultants who would be available to come to campuses. In order to ensure interoperable deployments, the consultants would function primarily as trainers, working from Internet2-produced documents like the LDAP Recipe, and only secondarily as troubleshooters. E2EPerf aims to do something like this, building on the support model developed by NLANR, but improving its scalability by drawing systematically on support resources from Internet2 member campuses. [AI] Ken will document ideas for organizing support within Internet2.

*Action Items*

[AI] Bob will contact HEPKI-TAG and ask them to let Steve Farrell know what use-cases TAG will be able to provide.
[AI] Ken will try to arrange a discussion with the creator of the IMS specs at CSG.
[AI] Keith will send the IMS doc out to MACE-Dir.
[AI] Steven will try to get confirmation of Marlena's and Jim McConnell's participation in the Thursday morning CSG session.
[AI] Steven will send out information on RedIRIS's approach to the problems Shibboleth is addressing.
[AI] Ken will document ideas for organizing support within Internet2.