MACE Conference Call, September 18, 2006

*MACE Conference Call*
September 18, 2006

*Attendees*

Bob Morgan (chair) - Washington
Leif Johansson - Stockholm/SUNET
Steve Olshansky - Internet2
Scott Cantor - OSU
Steve Carmody - Brown
Renee Frost - Michigan/Internet2
David Wasley - independent
Lynn McRae - Stanford
Neal McBurnett - Internet2
Ken Klingenstein - Colorado/Internet2
Ben Chinowsky (scribe) - Internet2

*Discussion*

Recent meetings:
- Bob, Ken, and Brian all attended the second Australia CAMP. There was much discussion about the PKI being built in Australia; although this is a conventional PKI, Shibboleth will also be supported. Bob noted that Brian was able to use eduRoam to access Macquarrie University's network using his credentials from Edinburgh. Presentations from the Australia CAMP are at http://www.middleware.edu.au/program_and_presentations.
- Charlie Catlett's overview of the TeraGrid authN/Z meeting is at http://teragrid.blogspot.com/2006/09/improving-security-and-usability.html. Bob noted that TeraGrid is hoping to create around a thousand "science gateways" in the next two or three years, necessitating web federation and a clear architecture for how campuses will work with this.
- Nate is writing up notes and action items from the September 1-2 Shibboleth developers' meeting. Scott noted that IdP discovery is a big issue; he is working on a sketch of how to return this task to the SP. Another face-to-face meeting is being planned around the Internet2 Member Meeting in December.

Upcoming meetings:
- The agenda for the October 18-19 Advanced EuroCAMP on "Moving towards Confederations" is available at http://www.terena.nl/activities/eurocamp/october06/.
- The agenda for the November 7-9 CAMP on "Building a Distributed Access Management Infrastructure" is available at http://www.educause.edu/camp064.

Bob approvingly noted the emergence of I.T. Architects in Academia (ITANA). ITANA's activities will be a superset of MACE's; several MACErs are involved, and ITANA plans to establish both a working group under MACE and a peer group under EDUCAUSE. See http://www.itana.org/?p=1 for details.

Bob noted that there will be some significant meetings on the future of E-Auth in the coming weeks. [AI] Ken will send MACE an update on recent discussions of the future of E-Auth.

Ken noted that a disaster recovery discussion group plans to convene in the next few weeks. This will probably lead to the creation of one or more working groups, at least one of which is likely to be under MACE.

The group discussed options for simple CA software. [AI] Steve Carmody and Bob will follow up on the possibility of making a stand-alone version of the SASL CA available from the LionShare site. [See also: http://middleware.internet2.edu/MACE/minutes/MACE-10-July-2006.html]. Von noted that another option is an online CA from the Grid community known as "MyProxy". The name is misleading; while MyProxy was originally used as a proxy cert repository, it can also generate end-entity certs. See http://myproxy.ncsa.uiuc.edu.

Finally, Bob drew the group's attention to 9Star Research's "big picture" page: http://www.9starresearch.com/opensourceidm.html. Discussion of this on the MACE list is welcome; Leif noted that it has also been discussed on some of the European lists.

*Action Items*

[AI] Ken will send MACE an update on recent discussions of the future of E-Auth.
[AI] Steve Carmody and Bob will follow up on the possibility of making a stand-alone version of the SASL CA available from the LionShare site.