**MACE Call 27-September-2010**

 

**Attending**

RL "Bob" Morgan, U. Washington (chair)

Ken Klingenstein, Internet2

Renee Shuey, Penn State U.

Keith Hazelton, U. Wisc. - Madison

Scott Cantor, The Ohio State U.

Steven Carmody, Brown U.

Leif Johansson, SUNET/NORDUnet

Renee Frost, Internet2

David Wasley, independent

Von Welch, independent

Tom Barton, U. Chicago

Scotty Logan, Stanford

Ann West, Internet2

Nate Klingenstein, Internet2

 

NEXT CALL: 11-October-2010

 

*New Action Items**

[AI] (RLBob, Scott, and SteveO) will proceed with the process of formalizing the FedApps working group, including setting up a list/wiki/website, and advertise it in the appropriate venues.

 

*Carryover Action Items*

[AI] (Ken) will draft a one-pager about what MACE does and what questions it has, for review by MACE, as a discussion guide with Internet2 leadership.

[AI] (Ken and ReneeF) will look at the Fall I2MM schedule to see if there is an opportunity for a F2F meeting between MACE and Internet2 leadership.

[AI] (Scott) will send a note to MACE about potentially spinning up a new working group to address his AdvanceCAMP AI: Write Developers Guide to Federating Applications.

[AI] (All) if interested in supporting MoonShot activities, send mail to Ken and subscribe to appropriate lists TBD. There may be some funding available to support travel, e.g. to IETF meetings...

[AI] (Ken) will distribute a draft requirements framework for VO support engagement

[AI] (David) will contact GSA for an update on the approval process for InCommon Silver.

[AI] (ReneeS) will revisit the list of potential new MACE members on the list.

[AI] (All) Send input to Ken about how the InCommon cert service ought to be packaged - i.e. amendment to existing InCommon contract, or other.

[AI] (Ken) will revise the mission statement based upon feedback received on the call.

[AI] (Ken) will send out info on DHS secure online transactions

[AI] (Ken) will follow up on a MACE/AMSAC call.

[AI] (Ken) will follow up with Kuali/Rice about I2MI collaboration.

[AI] (Ken) will draft a catalyst doc, covering the key items to be addressed in advising VOs how to use our infrastructure.

[AI] (Leif) will contact Ken/Steven/Tom about potential overlaps between the SDCI proposal and projects in the EU.

[AI] (Leif) will discuss the IDTrust meeting on the PKNG list, seeking feedback.

[AI] (Jens) will speak to an Eduroam rep about communicating with Educause.

[AI] (Ken) will draft and circulate a letter to Rice leadership, requesting input to roadmaps and use cases, and to ensure our projects with Kuali projects are aligned with their high-level strategic direction.

[AI] (Nate) will distribute information to the list about upcoming tactical issues facing MACE

[AI] (All) send Bamboo IAM comments to Tom ASAP for coordination.

[AI] (All) interested in participating in the international collaboration activity contact RL "Bob."

[AI] (RL "Bob") will contact a representative of Kuali Rice about coordinating a call.

[AI] (Ken and Mark) will distribute some information on trust anchors in the context of dynamic network configuration in GENI testbed, as well as for general access control.

[AI] (Ken) will circulate some meeting notes from the last TERENA/ REFEDS meetings.

 

**Recent Meetings**

- TF-EMC2, September 22, 2010, Copenhagen, Denmark

http://www.terena.org/activities/tf-emc2/meetings/16/

 

Leif and Ken met with others to discuss BEER, aimed at creating a lightweight mechanism to store SP metadata that other federations may want to consume.

https://spaces.internet2.edu/display/BEER/Home

 

There was a full-day MoonShot meeting, and they are making progress o a set of technologies to propose as IETF standards.

 

The TF-EMC2 meeting was very dense, with too much on the agenda to address adequately. The TOR (terms of reference) chartering EMC2 for the next 3 years was approved.

http://www.terena.org/activities/tf-emc2/tor.html

(presumably to be posted soon)

 

TF-Mobility met as well. The French have setup a web-redirect version of Eduroam called Eduspot. This is intended as an alternative to Eduroam, not a replacement. The Italians may also be interested in this, due apparently at least in part to their user consent/compliance. The Japanese federation is interested in this as well, driven by the cell operators who desire to offload traffic to wifi.

 

The next meeting is expected to be longer, February 14-18, 2011, location TBA.

http://www.terena.org/activities/tf-emc2/meetings/

 

- gov2.0, September 7-8, 2010, Washington DC

http://www.gov2summit.com/gov2010

 

This was invitation-only, David attended. NIH has seen roughly 1/4 of its 15K+ federated users coming from InCommon, with most of the rest coming from Google's OpenID. There are reports of delays in NIH updating their metadata, leading to some issues.

 

The ICAM Trust Framework Provider Adoption Process (TFPAP) has been conditionally approved, with OpenID and InfoCard at LoA1, and with Kantara at LoA1-3. InCommon is the only other which has applied to date. The only actively approved ICAM IdP is Google OpenId at LoA1.

 

NLM is seeking to become the world registry for author identifiers. The question arises of how a particular author can be confirmed to be the actual source of a particular piece of work, especially older ones.

 

http://www.idmanagement.gov/documents/TrustFrameworkProviderAdoptionProcess.pdf

 

- IIW, Sep. 9-10, 2010, Washington DC

http://iiw.idcommons.net/Iiw-east-1

 

David attended. There was also a meeting Wed 8-Sep with OIX, InfoCard, and Kantara, looking at library use of federated identity.

 

**Upcoming Meetings**

https://spaces.internet2.edu/display/MACECalendar/MACE+Calendar

 

- OASIS IdM, September 27-28, 2010, Washington DC

http://events.oasis-open.org/home/IDM/2010

 

If the SPML group is going to meet F2F there would be value in participation by someone from I2MI.

 

- Educause Annual, October 12-15, Anaheim, CA

http://www.educause.edu/E2010

 

There will be a number of federation-related sessions, including InC-Student talking about identity proofing. There is also a CIO track which will likely cover federated IdM.

 

- REFEDs/I2FMM, October 31 - November 4, 2010, Atlanta, GA

http://events.internet2.edu/2010/fall-mm/

 

The REFEDs meeting, on the Sunday before the I2MM, will be the first held outside of the EU.

 

- Federated CI Workshop, November 4-5, 2010, Arlington VA

(After the Fall Internet2 Member Meeting)

This will be focused on federated identity strategies among the science community. Speakers and participants are being sought.

 

- InCommon DayCAMP, November 4, 2010, Arlington VA

(After the Fall Internet2 Member Meeting)

For campuses new to federation...

 

- Symposium on Authentication Technologies for Research and Education

Oct. 4, 2010, Lubbock TX

http://indico.rnp.br/conferenceDisplay.py?confId=85

co-sponsored by the International Grid Trust Federation and the Open Grid Forum.

 

- CAMP/ACAMP 2011

There is a proposal to co-locate ACAMP 2011, as a follow-on to past ACAMPs, with the Jasig annual meeting, perhaps in Denver in May. More to come on this as it develops.

 

The question arose as to the overlap between CAMP and ACAMP attendees, and it seems that there is relatively little overlap both in attendees and expectations.

 

There is consideration being given to model the next CAMP after the last InCommon CAMP. There was also discussion as to whether schools that might be the target market for InCommon CAMP are the sort which would be inclined to sent staff to national meetings.

 

- IETF 79 - Beijing, China

November 7-12, 2010

http://www.ietf.org/meeting/79/

 

- IIW Europe, London
October 11, 2011

http://www.internetidentityworkshop.com/iiw-europe-london-october-11th/

 

- IIW, Mountain View, CA

November 2-4, 2010

http://www.internetidentityworkshop.com/iiwxi-11-in-mountain-view/

 

- Jasig Unconference, Joliet IL

Oct 18-21, 2010

http://www.jasig.org/2010-jasig-unconference

 

 

**Discussion**

- attribute advancement

What could or should be done, and where? By I2MI/MACE -- at the WG level (MACE-Dir or other)? At the federation level? REFEDS?

 

What are the use cases/drivers/incentives?

 

How do regulatory issues come into play?

 

Should we be reactive or proactive in this space?

 

Are there attributes from SCHAC that are relevant to our work?

 

Is attribute mapping required and useful?

 

Is there one or more fundamental level(s) of schema that should be shared among R&E federations?

 

The question of who has the authority to populate particular attributes, e.g. in the context of uApprove, arose...

 

* FedApps activity

See the draft charter at https://spaces.internet2.edu/display/~cantor.2@osu.edu/FedApp+Draft+Charter

 

Consensus on the call was that the charter seems right, and that MACE should spin up this working group.

 

[AI] (RLBob, Scott, and SteveO) will proceed with the process of formalizing the FedApps working group, including setting up a list and website, and advertise it in the appropriate venues.

 

- Provisioning:

is this a new WG activity deserving of a charter?

is it just about Grouper features or more cross-cutting?

SPML: threat or menace?

 

It was also noted that TomZ is adding SPML classes in the OpenSAML project, intended to work initially with LdappcNG.

Consensus on the call was that a logical starting point for discussion is an assessment of the current state of provisioning, including in the context of clouds, VOs, and interfederation.

Note that there is a mailing list for this activity resulting from the most recent Advance CAMP:
https://lists.internet2.edu/sympa/info/provision

More to come on this topic on a future call...