MACE Conference Call, September 23, 2002

*MACE Conference Call*
September 23, 2002

*Attendees*

Bob Morgan (chair) - Washington
Keith Hazelton - Wisconsin
Michael Gettes - Georgetown
Scott Cantor - OSU
David Wasley - UCOP
Neal McBurnett - Internet2
Renee Frost - Michigan/Internet2
Ken Klingenstein - Colorado/Internet2
Brian Gilmore - Edinburgh
Mark Poepping - CMU
Steven Carmody - Brown
Ben Chinowsky (scribe) - Internet2

*Discussion*

Bob reported that the DRM working group is almost ready to launch; however, "writing down the scope ahead of time" is particularly important for this group, and that's not done yet. The DRM group has discussed adopting the TAG/PAG model, but apparently the technical and policy aspects are hard to separate -- even in the technical area, there is uncertainty about whether the focus should be more on the FDRM model or more on evaluating languages in light of the needs of R&E. David asked, given the many large, powerful organizations active in DRM, what the chances are of Shibboleth being able to influence the development of the technology, as with SAML. Bob noted that there was lots of talk about that at the DRM workshop (www.ait.utk.edu/drmworkshop/). The consensus there seemed to be that while there is little hope of substantially influencing the course of these organizations, that doesn't doom us to following their lead; the DRM working group should redefine the terms of discussion and try to provide libraries and museums with alternatives to what they're hearing from the big players. Cliff Lynch is helping set the agenda for the DRM working group. Bob stressed that there are many things this group could work on; he expressed concern that the group not put off launch until it can cover all areas, as that would be a very long time.

Ken noted that the first conference call of the Federating Organizations Organization (FOO) is tomorrow. This group will work on some of the harder aspects of implementing federated security, such as sub-clubs and multiple federations.

MACE discussed plans for sessions at the Fall 2002 Internet2 Member Meeting (www.internet2.edu/activities/html/fall_02.html). Ken needs to know who'll be there; [AI] All who plan to attend the Internet2 Member Meeting will notify Ken. [AI] Steven will send Ken a description of deferred Shibboleth issues he'd like to discuss at the Member Meeting. Shibboleth resource manager issues and Shib-vs-WebISO DRM issues were suggested as topics for the Sunday night BoF; [AI] Ken will draft a timed agenda for the Sunday night BoF, setting discussion priorities with a view to best making use of the time of those who plan to be there. Ken noted that the Shibboleth demo at the Member Meeting will be mostly self-operated.

Internet2 is increasingly anxious to establish a standard naming convention and location for all Internet2 documents. Middleware is leading the way in this area, and Ken wants to accelerate the process. It was agreed that documents should all appear under the Internet2 banner (as vs. the MACE banner), and that names for finished documents should include the working group name and a version number, but don't need to include an area name (e.g. "middleware") or a date. David noted that some systems can't accept arbitrarily long filenames, and suggested that finished documents be named according to the existing standard for draft documents, with the word "draft" removed. [AI] Ken will write up a proposal for standard naming and archiving of Internet2 documents.

Finally, Scott delivered some good news: VeriSign's new certs have both server authN and client authN key usage bits set, so when you buy a server cert it explicitly says that client use is OK. [AI] Scott will forward his note on VeriSign's new key usage settings to MACE.

*Action Items*

[AI] All who plan to attend the Internet2 Member Meeting will notify Ken.
[AI] Steven will send Ken a description of deferred Shibboleth issues he'd like to discuss at the Member Meeting.
[AI] Ken will draft a timed agenda for the Sunday night BoF, setting discussion priorities with a view to best making use of the time of those who plan to be there.
[AI] Ken will write up a proposal for standard naming and archiving of Internet2 documents.
[AI] Scott will forward his note on VeriSign's new key usage settings to MACE.