MACE Conference Call, November 3, 2003

*MACE Conference Call*
November 3, 2003

*Attendees*

Bob Morgan (chair) - Washington
Tom Barton - Chicago
Brian Gilmore - Edinburgh
Paul Hill - MIT
Scott Cantor - OSU
Von Welch - NCSA
Neal McBurnett - Internet2
Renee Frost - Michigan/Internet2
Michael Gettes - Duke
Ton Verschuren - SURFnet
Ken Klingenstein - Colorado/Internet2
Ben Chinowsky (scribe) - Internet2

*Discussion*

Ken opened the discussion with a brief account of the recent NMI review. NMI-EDIT's efforts were well-received; a report will be out in a week or so. It's increasingly clear that the problem of how to do branding is both important and poorly understood; the review panel would like MACE to figure this out. It looks like the Michigan/Indiana work on Grid portals will also be of growing importance.

Ken also reviewed a recent meeting with Mellon. This meeting included much discussion of Sakai, a "next-generation learning management system" that intends to draw from the best of existing systems such as OKI and uPortal. Keith is tracking Sakai. Maintenance was another much-discussed issue; Mellon has set up an organization called Ithaka with the goal of providing support for nonprofits doing open-source projects, and in particular helping such projects formulate business plans that can ensure sustainability (uPortal is a model here). Ithaka is already providing support for JSTOR and ARTstor. Ithaca will not work on integration, but there was strong agreement that it's important to move forward in this area; Ken stressed to Mellon that the hardest part is setting up the standard that everyone is to integrate against.

The group discussed possible approaches to integration. Ken noted that there are two sets of issues -- if and how to incorporate existing code into NMI releases, and how to help people who want to develop MACE-friendly code -- with list servers being the most pressing class of application to address. There was considerable interest in taking an approach that would be more descriptive and less prescriptive than the kind of "imprimatur-granting" process that many seem to be hoping for from MACE. Suggestions along this line included documenting who's using various products and how those products are working for them; finding ways to get apps users to do more of this kind of documentation themselves; an "NMI recipe" patterned after the LDAP recipe; a moderated Slashdot-like forum for discussion of interoperability issues; and publishing NMI best practices describing what apps developers need to do to function within the emerging middleware architecture as MACE sees it. [AI] Ken will see what Kevin thinks of the proposed best-practices approach to integration. [AI] All will give some further thought to what role MACE should have in setting standards for integration.

Bob reported back from the face-to-face SAML meeting. There's lots of work on the table for SAML 2.0; this version will not be backward-compatible. Bob is hopeful that SAML 2.0 will be able to replace many homegrown WebISO protocols; he noted that work on 2.0 has included "some quite profound considerations of information models". Scott is also optimistic about 2.0 being a significant step forward.

Michael noted that he's revising the I2IM charter to make it clearer that the group's initial focus on Jabber/XMPP does not amount to MACE blessing Jabber/XMPP as the best IM technology.

There was a short discussion of the low profile of federated administration and federated identity services in IETF. Bob noted that while there's more that could be done with IETF in this space, overall they tend to be conservative, keeping their focus on PKI and Kerberos.

There is interest in developing a UKeduPerson; this work needs to be coordinated with the international eduPerson work agreed to in Zagreb. [AI] Ken and Renee will check on the status of international eduPerson, and send MACE an update. Brian noted a JISC call for proposals at http://www.jisc.ac.uk/index.cfm?name=funding_middleware.

Ken noted that the new Internet2 network security working group has been named SALSA, to reflect its building on the work of the recent Security at Line Speed (SALS) workshop. (Findings from this workshop will be published soon; watch http://apps.internet2.edu/sals/.) Ken described SALSA as "the equivalent of MACE for network security"; the group's initial focus will be network mobility, and its first conference call is planned for next week. SALSA will address technology issues only, not policy issues. Mark Poepping is a member of both MACE and SALSA, and will be responsible for coordination between the two groups. SALSA includes one person from UKERNA; Ken welcomes suggestions for other European participants.

*Action Items*

[AI] Ken will see what Kevin thinks of the proposed best-practices approach to integration.
[AI] All will give some further thought to what role MACE should have in setting standards for integration.
[AI] Ken and Renee will check on the status of international eduPerson, and send MACE an update.