**MACE Call 28-February-2011**
**Attending**
RL "Bob" Morgan, U. Washington (chair)
Ken Klingenstein, Internet2
Renee Shuey, Penn State U.
Tom Barton, U. Chicago
Michael Gettes, CMU
Keith Hazelton, U. Wisc. - Madison
Steven Carmody, Brown U.
Jim Jokl, U. Virginia
Leif Johansson, SUNET/NORDUnet
Ann West, Internet2
David Wasley, independent
Steve Olshansky, Internet2 (scribe)
NEXT CALL: 14-March-2011
**New Action Items**
[AI] (Ken) will distribute the CRU taxonomy of SPs.
[AI] (Ken) will send out a list of potential seed corn invitees, and suggestions are welcome.
[AI] (Ken) will send out a link to relevant GENI IdM information.
*Carryover Action Items*
[AI] (Keith) will write up the current state of the identifier discussion and apparent consensus, and associated explanatory material, for use by REFEDS.
[AI] (Ken) will coordinate a small working group with Heather to look into access control and IdM layer requirements for shared file services, calendaring, and web-conferencing in a federation-centric context.
[AI] (All) with suggestions for other foundations that the Shib Consortium could eventually be embedded in are encouraged to discuss them on the list.
[AI] (Ken) will convene a small subgroup of MACE to consider the seed corn issues in more depth and report back on a forthcoming call, soon.
[AI] (Ken) will invite Mike Conlin (U. Florida), the VIVO PI, to a forthcoming MACE call.
[AI] (Keith) will maintain an issues list to inform a potential new charter for MACE-DirNG, syncing it with the FedApps charter.
[AI] (RLBob, Scott, and SteveO) will proceed with the process of formalizing the FedApps working group, including setting up a list/wiki/website, and advertise it in the appropriate venues.
[AI] (Ken) will draft a one-pager about what MACE does and what questions it has, for review by MACE, as a discussion guide with Internet2 leadership.
[AI] (Ken) will distribute a draft requirements framework for VO support engagement.
[AI] (David) will contact GSA for an update on the approval process for InCommon Silver.
[AI] (ReneeS) will revisit the list of potential new MACE members on the list.
[AI] (Ken) will revise the mission statement based upon feedback received on the call.
[AI] (Ken) will send out info on DHS secure online transactions.
[AI] (Ken) will follow up on a MACE/AMSAC call.
[AI] (Ken) will follow up with Kuali/Rice about I2MI collaboration.
[AI] (Ken) will draft a catalyst doc, covering the key items to be addressed in advising VOs how to use our infrastructure.
[AI] (Leif) will contact Ken/Steven/Tom about potential overlaps between the SDCI proposal and projects in the EU.
[AI] (Leif) will discuss the IDTrust meeting on the PKNG list, seeking feedback.
[AI] (Jens) will speak to an Eduroam rep about communicating with Educause.
[AI] (Ken) will draft and circulate a letter to Rice leadership, requesting input to roadmaps and use cases, and to ensure our projects with Kuali projects are aligned with their high-level strategic direction.
[AI] (Nate) will distribute information to the list about upcoming tactical issues facing MACE.
[AI] (All) send Bamboo IAM comments to Tom ASAP for coordination.
[AI] (All) interested in participating in the international collaboration activity contact RL "Bob."
[AI] (RL "Bob") will contact a representative of Kuali Rice about coordinating a call.
[AI] (Ken and Mark) will distribute some information on trust anchors in the context of dynamic network configuration in GENI testbed, as well as for general access control.
[AI] (Ken) will circulate some meeting notes from the last TERENA/REFEDS meetings.
**Recent meetings**
- RSA
Feb 14-18, 2011, San Francisco CA
http://www.rsaconference.com/2011/usa/
RL "Bob" attended. There was an Internet identity day adjunct to the main conference, co-sponsored by Kantara. Bob led a session on assurance, and noted that a medical insurance industry participant had observed a great deal of federation activity, mostly peer-to-peer from hub to hub, but with little or no assurance associated.
Mozilla/Firefox was present, discussing validation of e-mail addresses in proposed alternate mechanisms (i.e. other than the traditional round-trip), e.g. by using OpenID/OAuth hybrid and obtaining assertions from other trusted IdPs. These could be viewed as CAs of a sort, blessing private keys associated with e-mail addresses...
Keith noted that there is some documentation forthcoming from the SocialIdentity group which may be of interest in this discussion, and it may be useful to cross-pollinate to the degree practical.
Microsoft has deprecated CardSpace, due to lack of adoption. They have switched to U-Prove, which may be interoperable with SAML.
Bob also met with FICAM reps, and there is enthusiasm on their side in moving forward with the InCommon work.
- TF-EMC2
Feb 14-15, 2011, Lyon France
http://www.terena.org/activities/tf-emc2/meetings/17/
Leif and Ken attended. Most countries seem to be entangled in metadata management and attribute release issues. Automatic metadata feeds from SPs are in use in 2 federations, which has spurred increased participation by SPs.
ABFAB was present, and discussed topics including discovery in non-web apps.
Other topics included acceptable attribute release policies in the EU, collaboration management and associated access control issues, and the fact that OpenID seems to be ebbing a bit due to the lack of a real marketplace and support for higher LoAs, and the Social2SAML gateway. The transition of PEER and eduGAIN to production services was also discussed...
CRU has developed a taxonomy of SPs.
[AI] (Ken) will distribute the CRU taxonomy of SPs.
The next TF-EMC2 meeting will be virtual, at the end of June.
- CIC IdM F2F, week of 14-Feb
IdM and VO people were in attendance, and the onboarding problem was discussed. Tom will look into sharing the notes from this meeting with MACE.
**Upcoming Meetings**
https://spaces.internet2.edu/display/MACECalendar/MACE+Calendar
- Jasig/ACAMP 2011
May 25-27, 2011 in Westminster, CO
https://spaces.internet2.edu/display/ACAMPIdSummit2011/Home
ACAMP will be adjacent to the JASIG conference in Denver, and will be similar to past ACAMPs. This will be at the end of May, unlike in past years, and branded InCommon. There will be an InC-Silver session.
- InCommon CAMP
This will be held at the end of June in Cincinnati OH.
- IETF 80 - Prague, CR
March 27-April 1, 2011
http://www.ietf.org/meeting/upcoming.html
- IDTrust
Apr 6-7, 2011, Gaithersburg, MD
http://middleware.internet2.edu/idtrust/2011/
This will be mostly panel-oriented. Recommended procedures for app developers to incorporate federated IdM will be addressed. Poster submission deadline will be mid-March.
- Spring 2011 Internet2 Member Meeting
April 18-20, 2011, Arlington, VA
http://events.internet2.edu/2011/spring-mm/
Planning is underway. The schedule is now online:
http://events.internet2.edu/2011/spring-mm/agenda.cfm?tracks=56&types=&details=on
As in the past, more detailed information will be forthcoming as available about middleware and federation sessions in particular...
- IIW
May 3-5, 2011, Mountain View, CA
http://iiw.idcommons.net/
**Discussion**
- Internet2/InCommon/US-UCAN management/governance update
Mark Johnson is the interim director of US-UCAN, and Mike Roberts is leading a committee to develop a business model.
InCommon has new steering committee members. Jack and Kevin have monthly calls with Dave. See
http://www.incommon.org/about.html
- opening up themed calls to seed corn et al
There is continued interest in cultivating seed corn, and thus some will be invited with a standing invitation to forthcoming themed calls. Suggestions for invitees are welcome.
There was discussion about opening up some of the themed calls to anyone interested, as seems appropriate.
[AI] (Ken) will send out a list of potential seed corn invitees, and suggestions are welcome.
- GENI
GENI has decided that SAML, federated IdM, and COmanage make sense for them, and "handed over" their IdM to Ken and Steven. Attribute-based access control (ABAC) is widely used in their context.
http://www.geni.net/
[AI] (Ken) will send out a link to relevant GENI IdM information.