MACE Conference Call, July 24, 2006

*MACE Conference Call*
July 24, 2006

*Attendees*

Bob Morgan (chair) - Washington
Diego Lopez - RedIRIS
Michael Gettes - Duke
Jim Jokl - Virginia
Renee Frost - Michigan/Internet2
Scott Cantor - OSU
Keith Hazelton - Wisconsin
Ken Klingenstein - Colorado/Internet2
Neal McBurnett - Internet2
Steve Olshansky - Internet2
David Wasley - independent
Rodney McDuff - Queensland
Lynn McRae - Stanford
Steve Carmody - Brown
Ben Chinowsky (scribe) - Internet2

*Discussion*

Bob was at IETF 66 in Montreal. Of particular note was the Web Authentication Enhancement (WAE) BoF, which considered the many different technologies in this space and tried to set some priorities. Bob described the BoF's fourfold division of the problem space:
- There was strong interest in developing better HTTP authentication methods, primarily to combat phishing.
- There was also strong interest in developing (or profiling) web SSO, including UI aspects, or at least hooks for UI. There were also hopes that much of this work has already been done.
- A smaller group of those present were interested in developing standard approaches to sending user attribute information at authentication time (or other times, but with user involvement).
- There was also interest in ensuring that all the above benefits can apply to all commonly-used access protocols (e.g. IMAP, POP, SMTP), rather than to just HTTP/web, but there was general agreement that this is too much to ask for at this point.

The draft minutes of the WAE BoF are currently under discussion on the DIX list; see http://www1.ietf.org/mail-archive/web/dix/current/maillist.html. Also of interest at IETF 66 was the Network Endpoint Assessment (NEA) BoF, which SALSA NetAuth is involved with; see http://security.internet2.edu/netauth/minutes/NetAuth-20-July-2006.html. Preliminary materials from IETF 66 are at https://datatracker.ietf.org/public/meeting_materials.cgi?meeting_num=66.

Other recent meetings:
- Paul Hill was at the July 10-14 Education Commons SOA / Community Source Student Services System workshop at MIT; see http://educationcommons.org/projects/display/CSSSS/Workshop+II+July+2006 for materials from the workshop.
- Scott attended the Identity Open Space meeting in Vancouver (http://ios.windley.com/wiki/IOSVan); he described it as generally productive, as well as an opportunity for cross-pollination between IIW "bohemia" and the more corporate-oriented Liberty Alliance. Scott led a session on the nascent Liberty Open Source effort; see http://ios.windley.com/wiki/LibertyOpenSource.
- Keith attended the Singapore APAN (http://www.apan.net/meetings/singapore2006/schedule.html). There has been an overall increase in middleware activity in China and Japan; see Keith's July 24 note to the MACE list for details. SAML appears to be attracting a lot of interest. Australia has launched the Middleware Action Plan and Strategy (MAPS) project; see http://www.middleware.edu.au/. European middleware efforts were also well represented at the APAN meeting.

Upcoming meetings:
- The Australia Middleware Forum and CAMP is August 21-23 in Sydney; see http://www.middleware.edu.au/camp/. Bob and Ken are going. About 100 people are expected for the Forum, and about 50 for the CAMP.
- Tom Barton and Ken are organizing a TeraGrid authentication and authorization meeting at Argonne for the last week of August.
- The Advanced EuroCAMP will be October 18-19 in Malaga, Spain; see http://www.terena.nl/news/fullstory.php?news_id=1987.
- The Signet/Grouper CAMP will be November 7-9 in Denver.

Bob noted that an identity management council is forming under the aegis of Windows HiEd (http://www.windows-hied.org/). Bob is meeting with Kim Cameron to find out more.

Materials from the Workflow Advanced CAMP are at http://www.educause.edu/Proceedings/10393. A wiki and mailing list have been set up to continue the discussion; see https://wiki.internet2.edu/confluence/display/ACAMPWorkflow/Home and https://mail.internet2.edu/wws/info/workflow-sig.