MACE Conference Call, June 30, 2003

*MACE Conference Call*
June 30, 2003

*Attendees*

Bob Morgan (chair) - Internet2
Steve Olshansky - Internet2
Keith Hazelton - Wisconsin
Neal McBurnett - Internet2
Brian Gilmore - Edinburgh
Ton Verschuren - SURFnet
Ken Klingenstein - Colorado/Internet2
Renee Frost - Michigan/Internet2
Scott Cantor - OSU
Mark Poepping - CMU
Von Welch - Chicago/Argonne/NCSA
Steven Carmody - Brown
Ben Chinowsky (scribe) - Internet2

*Discussion*

Ken opened the call with the news that all groups participating in NMI will be getting significant cuts in funding. A comprehensive review of the NMI program is being planned for later this year in DC. [AI] Brian will discuss the European role in NMI with Alan Robiette. [AI] Keith, Bob, and Ken will confer on the timeline for NMI activities and funding.

Advanced CAMP is July 8-11; see http://www.educause.edu/conference/nmi/camp033/. Ken observed that "by and large the baseline for campus middleware deployments has moved up a lot", suggesting that Advanced CAMP will increasingly be a greater focus of interest than basic CAMP. Increasingly the CAMPs are becoming the main face-to-face meeting for middleware technical work, and the Internet2 member meetings less so. The Joint Techs network engineering meetings (http://ncne.nlanr.net/training/techs/) are increasingly seen as a model for the CAMPs. In particular, there's a sense that, even as the overall technical level of attendees rises, Advanced CAMP will need to provide basic tutorials to accommodate newcomers. Also, there has been some discussion of making the CAMPs topic-specific; this idea has been rejected in favor of the Joint Techs model of a big-picture meeting incorporating specialized sessions as needed.

Ken noted that Burton has released new RBAC materials. Keith is going to San Francisco to discuss Shibboleth at a post-Catalyst BoF on Liberty and SAML. Bob recently attended the Microsoft Government Security Summit West (https://www.meetingsolutionsinc.com/microsoftgovernment); he noted interesting work on what Microsoft is calling "information rights management", which involves tagging documents with specifics about who's allowed to see them and for how long. [AI] Bob will send the list information from the Microsoft security meeting.

Bob and Ken discussed developments at GGF8:
- A new working group is planned on OGSA Authorization. Bob noted that there are a few different authZ services in the Grid world, which look about 80% alike, providing a good basis for standardization within OGSA. The group will focus on SAML and XACML; Bob plans to participate and is optimistic about this group's prospects. Bob noted that this is GGF's second AuthZ working group; the current group is higher-level and non-OGSA-specific.
- Ellen Stokes of IBM is leading a working group on the Open Grid Service Common Management Model (CMM); she will be contacting MACE to discuss work on diagnostics.
- With respect to technology-independent federations, Ken floated the idea of each country forming low-assurance federations, then tightening them up as they grow. His impression was that PKI is not getting much traction in the Grid world.
- Not much seems to be happening with accounting, which is worrisome as this is generally considered to be essential to the success of real-world Grid deployments. Some accounting work has been done in the GGF usage record working group (http://www.psc.edu/~lfm/Grid/UR-WG/); the OGSI working group (https://forge.gridforum.org/projects/ogsi-wg) has contributed to the IETF work on accounting documented in RFCs 2903-2906.
- More generally, Ken observed that Grid deployments continue to face "lots of one-off challenges" which really add up when taken together.

The group discussed developments in Internet2 working groups:
- There is a new Presence and Integrated Communications (PIC) working group; see http://pic.internet2.edu. Though the PIC WG is chartered in the Applications area, much of its work is focused on middleware. PIC staff liaison Ben Teitelbaum has called Ken's attention to a German company called iptel.org (http://iptel.org), whose products could provide a basis for MACE's SIP proxy work. iptel.org will be at the Vienna IETF; [AI] Bob will find out how well iptel.org's work fits with the MACE approach. Ken noted that federations may necessitate changes to some of the basic flows that happen in SIP protocols; iptel.org is a likely candidate for getting this work done.
- A new MACE working group, MACE-Course-ID, has been formed to work on course data elements. See http://middleware.internet2.edu/courseID/.
- Several campuses have produced versions of Jabber with enterprise authentication, and uPortal is looking for a secure Jabber to include in its framework. Identifying a best-of-breed secure Jabber will be the first task of the Jabber working group now being formed. Several long-time Jabber contributors are interested in participating. Bob noted that the IETF XMPP working group has been very active. This group works on standardizing the protocol underlying Jabber; much of this work has to do with improving security, and will proceed in parallel with the Internet2 work. The LionShare proposal is also moving forward, but will not include work on Jabber.
- VidMid-VoD is going on hiatus until the Internet2 Fall Member Meeting.

The InQueue and Swiss federations have launched, and Canada's NRC has expressed interest in setting up a federation; [AI] Scott will reply to NRC. Blackboard is up as a Shibboleth target. Targets don't need to join InQueue; there was general agreement that no separate process need be set up for them. Version 1.0.1 of Shibboleth is in the works, but Scott stressed that policy issues around InQueue and InCommon are the priority for Shibboleth right now. [AI] Steven Carmody will work with Mike to produce a list of urgent Shibboleth federation policy and process issues. Steven suggested that these issues be addressed for InQueue first; the policy for InQueue could then be tightened for InCommon and relaxed for Club Roadkill. The new target date for the InCommon CA is August 1, with the federation itself active by September 1. [AI] Ken will ping Doug about Shibboleth/WebISO issues.

*Action Items*

[AI] Brian will discuss the European role in NMI with Alan Robiette.
[AI] Keith, Bob, and Ken will confer on the timeline for NMI activities and funding.
[AI] Bob will send the list information from the Microsoft security meeting.
[AI] Bob will find out how well iptel.org's work fits with the MACE approach.
[AI] Scott will reply to NRC.
[AI] Steven Carmody will work with Mike to produce a list of urgent Shibboleth federation policy and process issues.
[AI] Ken will ping Doug about Shibboleth/WebISO issues.