MACE conference call, May 22, 2000

*MACE conference call*
Monday, May 22, 2000

*Attendees*

Paul Hill
Steve Carmody
Mark Poepping (acting co-chair)
Ken Klingenstein (acting co-chair)
Eric Norman
Renee Frost
Keith Hazelton
Ben Chinowsky (scribe)

*Discussion*

Ken Klingenstein opened the meeting by announcing a new, more narrative format for the minutes of this and future MACE meetings. Ken asked the group's opinion on sending the minutes out to a broader audience, and perhaps posting them on the Web as well, in order to publicize the work of MACE. This led to a related discussion of problems in involving non-MACE members in discussions on the MACE list. No decisions were reached on these issues. [AI] Ken will send the MACE list a summary of the issues involved in publicizing and broadening MACE discussions, and raise the subject in the next call.

The discussion then moved on to directories. Keith Hazelton is working to have v0.9 of the eduperson documents ready for the MACE-DIR call on Tuesday, May 30. Ken raised the question of whether the edu in eduperson includes K-12. Keith replied that it was not intended to, but that it would be easy to expand it to do so. The group took note of the possibility that K-12 may have unique needs in making use of the schema. With respect to Grid involvement in directories, Ken has talked with Carl Kesselman about objectclasses and deep LDAP; the Grid people have been talking about a lot of the same things as MACE-DIR. There was general agreement that it would be good to work more closely with these folks. Ken has recently received a quote for the directory-of-directories project; it was agreed that the group should go ahead with pursuing funding for this, but also that it is important that directory-of-directories be advertised as an experiment, not a production service. There was a short discussion of problems with scalability of referrals, and the consequent need for central indexes; it was agreed to look into these issues in more detail on the next call, with Michael Gettes participating.

Next Ken gave brief reports on the Shibboleth and medical middleware work. The Shibboleth project proposal has gone out to the participating schools, and IBM has recommitted to doing analysis for the project. Renee Frost will coordinate this activity. Ken reported that Bob Morgan is getting heavily committed to the medical middleware area, and that a series of three or four workshops this summer and fall will tackle the problems raised by HIPAA (the Health Insurance Portability and Accountability Act, aka the Kennedy-Kassebaum Bill) from the certificates-policy and research-issues angles. There are many different problems the medical middleware effort could address; its participants are striving to gain and retain a clear focus.

There was a short discussion of PKI issues. The Federal PKI list seems to have become a directory-interoperability forum; with only 140 sites, their task is considerably easier than that faced by higher education. Ken has received a letter from the Feds expressing interest in establishing links between Federal and higher-education CAs, starting with a point-by-point comparison of certs policies. The group also took note of the emergence of Intel's CDSA (Common Data Security Architecture), which has become an Open Group standard. It was noted that the Open Group has participation from many .com's but no .edu's -- "something to think about".

The discussion then took a long detour down a deep rathole: authorization. After kicking around the idea of coupling long lived identity certs with short lived attribute certs, and issues of delegating authorization management, the group agreed that the discussion of authorization needs to be deferred until after MACE is provided with more information on authorization issues. [AI] Mark Poepping will email Ken about organizing an authorization discussion. It was also noted that there are many separate groups trying to figure out authorization, including quite a few in the IETF. Many of them are not getting anywhere. Paul Hill suggested that producing a white paper cataloging these efforts might be a good place for MACE to begin its efforts in the area of authorization.

Next was a discussion of Web-portal consortiums. Steve has just initiated a project working with open-source portal code. His student's first two tasks are to get the code running and to write up a set of instructions that will tell others how to get the code running. There was a short discussion of gocampus.com, which is directed by Peter Lyman of UC Berkeley. The University of Washington appears to be the flagship participant, so [AI] Keith will contact Bob for information on gocampus.com, and inform the MACE list. Gocampus.com will also be a topic for the next call. JA-SIG was not discussed; [AI] Mark Poepping will send mail to Ken to schedule a discussion of JA-SIG.

Finally there was a short discussion of the recent EDUCAUSE/NACUBO ebusiness workshop. Steve noted that he had heard that the meeting had gone well; a white paper will probably result. Steve suggested that MACE track this group's efforts, and suggested that this group would be a good place to look for the emergence of a killer app that would use the stuff I2-MI is building. It was noted that the EDUCAUSE/NACUBO group has more of a policy than a technology focus. [AI] Mark Poepping will work with Ken to schedule further discussion of the ebusiness workshop.

The next regularly scheduled MACE call will be on Monday, June 5, at 8:30pm GMT = 4:30pm EDT = 1:30pm PDT.

*Action Items*

[AI] Ken will send the MACE list a summary of the issues involved in publicizing and broadening MACE discussions, and raise the subject in the next call.
[AI] Mark Poepping will email Ken about organizing an authorization discussion.
[AI] Keith will contact Bob for information on gocampus.com, and inform the MACE list.
[AI] Mark Poepping will send mail to Ken to schedule a discussion of JA-SIG.
[AI] Mark Poepping will work with Ken to schedule further discussion of the ebusiness workshop.