*MACE Conference Call*
April 23, 2001
Bob Morgan (chair) - Washington
Jim Jokl - Virginia
Ellen Vaughan - Internet2
Ken Klingenstein - Colorado/Internet2
Renee Frost - Michigan/Internet2
Neal McBurnett - Avaya
Steven Carmody - Brown
Paul Hill - MIT
Nate Klingenstein (scribe) - Internet2
The first third of the conversation was devoted to several short items, the first two of which, OKI and SAML, were offered by Bob. Bob learned a lot about OKI at a meeting that occurred at MIT on Friday, April 20; he has circulated the notes of that meeting on the MACE list. The MIT folks clarified the relationship of Stellar and OKI: Stellar's deployment is to underlie things, and OKI will be added as a separate, subsequent base. This indicates that how OKI currently works is not necessarily any indication of where it is going, and that it will hopefully not become a Stellar v1.1. A quick verification of the OKI and Stellar timelines revealed hopes that some courses would use Stellar this fall and that OKI's architecture would appear around September/October. This is consistent with Shibboleth's schedule. MIT was intrigued by the question of whether an extensible Shibboleth API would be created so others could build on top of it. The consensus was that MACE could offer assistance with this level of architecture. The familiar buy-or-build question was posed, with worries cast toward creations such as Blackboard; Blackboard can be seen as an expensive attempt to rebuild commercial products which have already seen large capital investments in money and time.
OASIS continues to converge toward a SAML standard. The current issue remaining most contentious is that of session management; some of the vendors participating in the creation of the standard want elaborate systems allowing instant logouts and the use of a wider variety of software. Shibboleth will make a great effort to move quickly toward adherence to the SAML standard. The vast majority of vendors at the OASIS face-to-face meeting (including Bob Blakley and Marlena Erdos) claim to already be coding inter-domain security software, and also plan to implement SAML very quickly. The SAML timeline has been refined, but the September date for an interoperable implementation remains, and is consistent with Shibboleth's progress.
After mention of Ken's "nice" PowerPoint presentation from the LSN meeting, the NSF solicitation was addressed. The latest information has been recently sent out to the list, and this is that Internet2's proposal will be submitted separately from Globus's. The real challenge is co-existence between Globus and Internet2, although the two programs address largely different problems. Letters of endorsement have already been requested of notables such as Ron Johnson and Jim Bruce. Steven briefly worried about "any gorillas that seem to be out there dancing," but the large vendors are unlikely to find this grant enticing. They will likely still partner, and one of the most interesting responses came from IBM; after they were asked to join the proposal as a Linux platform integrator, they revealed that they do no Linux development. This may still be an important angle, though, with central certificate management and other integration work largely undone on Linux.
The review of the proposals depends on the composition of the appointed review board and on which problems NSF sees fit to address with the solicitation. If NSF sees the broad landscape of medical middleware and other diverse uses, then multiple grants may be issued; if it takes Shibboleth and related Internet2 efforts for granted, then the single award may be given to Globus for its primary importance for chemistry, physics, and other scientific disciplines. [AI] Ken will send out an outline of a potential proposal, given the interest of the group.
In the second portion of the call there was a lengthy discussion of a deep hole into which the Department of Education has dug itself; this issue has already been introduced on the list. The concerns of the banking and academic institutions were repeated often, and the DoE's various strategies for avoiding footing an enormous PIN-usage bill were outlined, with obscurity seeming the most viable strategy given the imminent, legislatively-imposed July 1st deadline for a functional system.
Shibboleth could ideally provide a promising alternative to the system in place, allowing schools using Shibboleth to vastly reduce PIN usage and limit the charges they may incur. The many other benefits of Shibboleth would also be well appreciated. The concerns of Shibboleth's security model addressing only one, relatively light, level of assurance were mitigated by the fact that acknowledgment of the receipt of funds is currently equivalent to a full signature.
The other obvious problem is the scalability of Club Shib. When it was initially proposed, the number of schools was imagined as being relatively small; but with the financial loan system spanning a vast number of schools, in Steven's words, "gee, that second thousand" that join Club Shib may quickly cause it to become unmanageable. If they remain interested in using Shibboleth as a potential solution, Steven questioned whether inclusion of a tool to handle this would be appropriate as a demo in this fall's reference implementation. Ken's response was that the challenge is no longer to be compelling, but to fulfill current compulsion. Ken expressed concern whether the architectural processes would be completed in a timely fashion. Bob responded, "Shipping is a feature, they say."
Finally, the call approached Judith Boettcher's desire to create a form of PKI Lite in reaction to the lagging uptake of CREN's position as a CA for higher education. There were sweeping worries about how prepared the world truly is for client PKI, 100-page CPS documents, and multiple levels of assurance. A call later this week is slated to understand why there is this lack of interest. On this call, however, secure email was discussed as a possible outlet for CREN's desire for expansion in the form of a PGP Heavy/PKI Lite.
Feelings oscillated between two extremes: the necessity of secure email for a scarce few crucial applications such as transfer and allocation of funds and important documents within an institution, or confidence in the integrity of communication channels in important business practices such as hiring; and, the hundreds of email messages a typical user receives during the course of the day and the paucity of occasions when a signature will be sent, much less verified. Though Carl Ellison consistently signs every message and has suggested that key escrow is unnecessary, the crowd remained unconvinced of this by his arguments. Bob's feeling is that the broadest problem in email is spam, which is not addressed through mere signatures. Regardless, it was thought that there is no compelling business model here for the corporate world, and likely is none for the educational one at the present time.
[AI] Ken will send the MACE list an outline of a potential proposal to NSF regarding the integration solicitation.