MACE Call 24-October-2011

**MACE Call 24-October-2011**

**Attending**
RL "Bob" Morgan, U. Washington (chair)
Ken Klingenstein, Internet2
Scott Cantor, The Ohio State U.
Leif Johansson, SUNET/NORDUnet
Michael Gettes, Carnegie Mellon U.
Jim Jokl, U. Virginia
Renee Shuey, Penn State U.
Keith Hazelton, U. Wisconsin - Madison
Steven Carmody, Brown U.
Tom Barton, U. Chicago
David Wasley, independent
Nate Klingenstein, Internet2
Steve Olshansky, Internet2 (scribe)

NEXT CALL: 7-November-2011
Theme: TBD

**New Action Items**
[AI] (All) propose November 7 call theme via the list.
[AI] (Leif) will talk to Andreas about reiterating the VOOT use cases around federated groups.

**Carryover Action Items**
[AI] (All) interested in participating in the OSIdM4HE effort contact Bob.
[AI] (All) discuss further ideas on IAM suite collaboration on the mailing list.
[AI] (All) send seedcorn suggestions to Ken.
[AI] (Ken) will distribute the CRU taxonomy of SPs
[AI] (Ken) will send out a link to relevant GENI IdM information.
[AI] (Keith) will write up the current state of the identifier discussion and apparent consensus, and associated explanatory material, for use by REFEDs.
[AI] (Ken) will coordinate a small working group with Heather to look into access control and IdM layer requirements for shared file services, calendaring, and web-conferencing in a federation-centric context.
[AI] (All) with suggestions for other foundations that the Shib Consortium could eventually be embedded in are encouraged to discuss them on the list.
[AI] (Ken) will convene a small subgroup of MACE to consider the seed corn issues in more depth and report back on a forthcoming call, soon.
[AI] (Ken) will invite Mike Conlon (U. Florida), the VIVO PI, to a forthcoming MACE call.
[AI] (Keith) will maintain an issues list to inform a potential new charter for MACE-DirNG, syncing it with the FedApps charter.
[AI] (RLBob, Scott, and SteveO) will proceed with the process of formalizing the FedApps working group, including setting up a list/wiki/website, and advertise it in the appropriate venues.
[AI] (Ken) will draft a one-pager about what MACE does and what questions it has, for review by MACE, as a discussion guide with Internet2 leadership.
[AI] (Ken) will distribute a draft requirements framework for VO support engagement
[AI] (David) will contact GSA for an update on the approval process for InCommon Silver.
[AI] (Ken) will send out info on DHS secure online transactions
[AI] (Ken) will follow up on a MACE/AMSAC call.
[AI] (Ken) will follow up with Kuali/Rice about I2MI collaboration.
[AI] (Ken) will draft a catalyst doc, covering the key items to be addressed in advising VOs how to use our infrastructure.
[AI] (Leif) will contact Ken/Steven/Tom about potential overlaps between the SDCI proposal and projects in the EU.
[AI] (Jens) will speak to an Eduroam rep about communicating with Educause.
[AI] (Ken) will draft and circulate a letter to Rice leadership, requesting input to roadmaps and use cases, and to ensure our projects with Kuali projects are aligned with their high-level strategic direction.
[AI] (Nate) will distribute information to the list about upcoming tactical issues facing MACE
[AI] (All) send Bamboo IAM comments to Tom ASAP for coordination.
[AI] (All) interested in participating in the international collaboration activity contact RL "Bob."
[AI] (RL "Bob") will contact a representative of Kuali Rice about coordinating a call.
[AI] (Ken and Mark) will distribute some information on trust anchors in the context of dynamic network configuration in GENI testbed, as well as for general access control.
[AI] (Ken) will circulate some meeting notes from the last TERENA/ REFEDS meetings.

**Recent Meetings**
- Fall I2MM
October 3-6, 2011, Raleigh, NC
http://events.internet2.edu/2011/fall-mm/
There was a mini-REFEDS meeting. Dinner theater was Joni Brennan, Executive Director of Kantara Initiative.

It was noted that the Net+ service announcements (Box.net and HP cloud) leverage the middleware work over the last 10 years (i.e. federated access), and it will be interesting to track the integration efforts ongoing, via InCommon, especially as the early adopters progress.

- IIW
October 18, 2011, Mountain View, CA
http://www.internetidentityworkshop.com/
https://iiw13.eventbrite.com/

There was an NSTIC day as part of this. Note also the "Cross-Sector Digital Identity Project"
https://www.microsoft.com/mscorp/twc/endtoendtrust/vision/cdip.aspx

- Identity providers separate from attribute providers, as a business model...
https://sites.google.com/site/streetidentitylmnop/workinggroup/lmnopap

Google and others will establish themselves as higher LoA IdPs, and at least Google will try to create a business model for providing attributes.

There is an effort to use Facebook social graphs for identity proofing.

AT&T has come out with Personal Levels of Assurance (PLOA), a white paper that introduces a new approach for determining transaction-based assurance. http://www.idcommons.org/wp-content/uploads/2011/10/PLOA-White-Paper-v1.02.pdf

- PESC Data Summit
October 12-14, 2011, San Francisco, CA
http://www.pesc.org/interior.php?page_id=212

This included a session on the AdmitMe project, i.e. one central IdP for college applicants. Ann and Nate attended.
http://www.pesc.org/interior.php?page_id=214
https://spaces.internet2.edu/display/InCAdmissions/Home

Q: What about international students coming to the US for college? Will this require a US IdP?
A: Interesting topic, not yet on the roadmap to tackle.

- EDUCAUSE
October 18-21, 2011, Philadelphia
http://www.educause.edu/E2011

- Kantara F2F
October 21, 2011

**Upcoming Meetings**
https://spaces.internet2.edu/display/MACECalendar/MACE+Calendar

- OIX Attr Summit
November 2011
http://openidentityexchange.org/

OpenID Connect interop will be a focus.

- Moonshot 3
24 October 2011, Cambridge MA
http://www.project-moonshot.org/meeting3

- TF-EMC2 19
Bologna, Italy, November 7-8, 2011
http://www.terena.org/activities/tf-emc2/meetings/19/

- IETF 82,
November 13-18, 2011, Taipei, Taiwan
https://www.ietf.org/meeting/82/

- ISoc IDEcosystem

- CSG
January 11-13, 2012, Stanford, CA
http://www.stonesoup.org/meetings/1201/

- IDTrust
Gaithersburg, MD (NIST)

- REFEDS
May 20, 2012, Reykjavík, Iceland (in conjunction with TNC2012)
https://www.terena.org/events/details.php?event_id=1978

**Discussion**

- Federated groups discussion venue
Roland and Victoriano are now co-chairs of TF-EMC2. What roles might they play in the areas of GroupAPI(s) and federated groups? Otherwise, where should these conversations take place?

This is being taken up to some degree in the VO space, but it goes beyond that. Use cases are being produced by LIGO, for example.

Q: What are the problems that would motivate people to participate in this discussion?
A: An example use case is box.net, esp. around de-provisioning group memberships. There may well be other examples of several NRENs looking at the same vendors, and thus there needs to be a way to communicate group information -- not tied to a particular implementation.

Leif noted that there is potentially related work under way in GEANT.

SCIM may be interested in this topic as well, and likely won't be part of TF-EMC2...

There are other use cases, both in the US and EU, related to LMSs used by "guest" students authenticating from different campuses.

It was suggested that we bring the discussion to EMC2 and see how it goes.

There have been discussions about holding a VO CAMP (aka VAMP) and perhaps this might be hosted by TERENA. Attracting VO architects to the federated groups discussion would be useful.

Potential discussion topics include: front/back channel, provisioning, OpenSocial, schema, UIs. For these topics, the "users" (e.g. LIGO) don't really need to be there. Grouper folks would be more central to these discussions.

The existing Internet2 Collab-Intl mailing list was suggested as a forum as well, but might not be the right set of participants.

[AI] (Leif) will talk to Andreas about reiterating the VOOT use cases around federated groups.

- OSIdM4HE update
The provisioning team is looking at federated groups as part of their work. At the recent Educause meeting, there was a great deal of interest in learning more about this. A list of interested institutions (potential supporters) ought to be assembled... Ken, Keith, and Tom will work on this...

- saml2int
http://saml2int.org/

See Leif's mail to the REFEDS list 24-Oct-2011