*MACE Conference Call*
December 2, 2002

*Attendees*

Bob Morgan (chair) - Washington
Ton Verschuren - SURFnet
Neal McBurnett - Internet2
Steve Worona - EDUCAUSE
Ken Klingenstein - Colorado/Internet2
Keith Hazelton - Wisconsin
Steven Carmody - Brown
David Wasley - UCOP
Renee Frost - Michigan/Internet2
Ann West - EDUCAUSE/Internet2
Scott Cantor - OSU
Michael Gettes - Georgetown
Jim Jokl - Virginia
Brian Gilmore - Edinburgh
Diego Lopez - RedIRIS
Mark Poepping - Carnegie Mellon
Ben Chinowsky (scribe) - Internet2

*Discussion*

Bob Morgan opened the meeting with a review of the November 17-21 IETF.
- Bob noted that he'd had an interesting conversation about the Semantic Web with Graham Klyne (http://www.ninebynine.org/).
- Bob found "a surprising amount of interest" in a more standards-based approach to *X.509, especially from people involved in XKMS.
- PKIX discussed "the endlessly contentious proxy-cert thing"; Bob argued for keeping delegation control separate from cert control per se, and is writing up his thoughts on this topic.
- A WebDAV access-control spec made it all the way to the IESG, where it was considered unacceptable and tossed back to the working group. This made it Exhibit A for previously-planned discussions of problems with the IETF process.
- There was much interest in finding ways to do consistent authorization.
- There was much controversy over the IETF's IPR standards, but it was agreed to stick with current policies, for the time being at least.

The group surveyed current European middleware concerns as discussed at the November 26-27 meeting of TERENA TF-AACE in Stockholm. The first day was devoted to AAA; Ken noted that "without even a common acronym set" it was clear that PAPI and Shibboleth are largely overlapping approaches. One suggestion was to diagram a standard model for "modern middleware" (both client and target sides), and map various projects to it. The second day was more focused on directories; Peter Gietz presented DEEP. There is significant interest in eduPerson in Australia. It was agreed to produce an improved version of eduPerson, and if necessary a euroEduPerson as well, though most changes suggested by the non-US attendees were general improvements rather than being specific to the needs of internationalization. Ken suggested that MACE aim to have a version of eduPerson ready for international use within the next six months. There was general agreement that a common middleware model and an internationalized eduPerson should be high-priority projects. Michael noted that he is on the program committee for the May 19-22 TERENA conference in Zagreb, so send him suggestions for topics.

Next was a discussion of future areas of work, and possibly new working groups, for MACE-Dir. Suggestions included:
- a new version of eduPerson, ready for international use, and taking into account the needs of Shibboleth, registries, and directory support for PKI.
- a roadmap for institutions new to middleware. Ann noted that, given the mass of material now available, it's hard for new institutions to know how to get started. [AI] All will review Ann's draft roadmap for schools new to middleware, for discussion on the next call.
- "vignettes" of metadirectories at work.
- performance monitoring.
- Federated Identity Management, including aligning with Liberty Alliance, and Shib-related issues with directory-based security.
- credential conversion (aka *X.509).
- HIPAA-related technologies.
- authorization.
- federated P2P.

There was also a short discussion of the possibility of MACE-Dir expanding its scope to investigate particular "upperware" technologies, such as the Semantic Web. There was general agreement that MACE-Dir has plenty on its plate without forming any new working groups in this area. Scott suggested that, rather than staying out of the upperware arena entirely, MACE-Dir could assign individuals to short research projects on key upperware technologies. The group noted the growing importance of having well-written charters for working groups, including specific goals and timelines.

Finally, it was noted that the OASIS PKI TC -- formerly the PKI Forum -- just had its first conference call; see www.oasis-open.org/committees/pki/ for more information.

*Action Item*

[AI] All will review Ann's draft roadmap for schools new to middleware, for discussion on the next call.