Untitled Document

**MACE Call 31-August-2009**

**Attending**

RL "Bob" Morgan, U. Washington (chair)

Diego Lopez, RedIRIS

Ken Klingenstein, Internet2

Steven Carmody, Brown U.

Mark Poepping, CMU

Michael Gettes, MIT

Paul Hill, MIT

Neal McBurnett, Internet2

Jim Jokl, U. Virginia

David Wasley, independent

Scott Cantor, The Ohio State U.

Nate Klingenstein, Internet2

Renee Frost, Internet2

Steve Olshansky, Internet2 (scribe)

**New Action Items**

*Carryover Action Item*

[AI] (RL "Bob") will contact a representative of Kuali Rice about coordinating a call.

[AI] (Ken and Mark) will distribute some information on trust anchors in the context of dynamic network configuration in GENI testbed, as well as for general access control.

[AI] (Ken) will circulate some meeting notes from the last TERENA/ REFEDS meetings.

*Recent Meetings*

- GSA OpenID/privacy event

August 10, 2009, Washington DC

http://idmanagement.gov/drilldown.cfm?action=privacy_workshop

RL "Bob" attended. There was discussion at the meeting about accepting OpenIDs for access to certain government websites, and related privacy concerns (e.g. collecting/storing personal information).
Yahoo and MSLive have reportedly abandoned pair-wise identifiers as unworkable for both users and apps (per Nate).

There will be a Gov2.0 meeting put on by O'Reilly September 9-10, 2009, as a followup.
http://www.gov2summit.com/

*Upcoming Meetings*

https://spaces.internet2.edu/display/MACECalendar/MACE+Calendar

- Tao of Attribute workshop

September 28-29, 2009, Washington DC

There is good representation from NIST. More to come on this as it develops.

The focus will be more on the quality of attributes than on the transport mechanism or LoA of the authn.

- Fall Internet2 Member Meeting

Oct. 5-8, 2009, San Antonio, TX

http://events.internet2.edu/2009/fall-mm/

- DIDW/Kantara

September 14-16, 2009, Las Vegas NV

http://public.cxo.com//conferences//index.html?conferenceID=51

http://kantarainitiative.org/wordpress/about/

Scott and RL "Bob" will be attending.

- Jasig Unconference

September 28-30, 2009, Champaign, IL

http://www.jasig.org/jasig-unconference-coming

Tom and Jens will be attending.

- Fall EuroCamp

Date TBD (likely late Fall), Budapest Hungary

http://www.terena.org/activities/eurocamp/

This will be similar to Advanced CAMP. There is growing momentum around aligning IAM/security efforts across projects...

- EMC2+Mobility+Refeds,

October 21-22, 2009, Rome, Italy

http://www.terena.org/activities/tf-emc2/

RL "Bob" will be attending.

- CSG

September 23-24, 2009, Virtual

http://dev.stonesoup.org/meetings/0909/

- Tao of attributes workshop

September 28-29, 2009, Washington DC

http://middleware.internet2.edu/tao-of-attributes/

- IETF

November 8-13, 2009, Hiroshima, Japan

http://www.ietf76.jp/

**Discussion**

- identity axes discussion

There has been discussion about enabling a joint discussion of this with ECAM...

- eduPerson: affiliation values, ePTID utility?

eduPersonAffilation values are at best self-defining, but the terms may have different meanings in different parts of the world. The intent was to use the same strings found in contracts with web service providers, i.e. student, faculty, etc.

Q: what does an RP need to make an access decision?

A: is this person eligible under the terms of the contract in place?

This will be taken up in the MACE-Dir working group...

- JISC federation usability report (aka JISC Collections Service Provider Interface Study), eduID?

The report is now public. The appropriate venue for further work on this is an open question. Involving the service provider community would seem to be an important element ongoing.

The question arose about how much traction OpenID has with EU governments to date. The focus so far has been on things akin to national smart cards. Broader adoption of OpenID in this context in the future is unclear.

eduID as a brand worldwide would depend upon very broad adoption, the likelihood of which is unclear so far.

- ACAMP followup followups: spaces wiki for now

- personal certs in TERENA cert service?

There was discussion about how broadly these would be adopted, and whether application enablement would be forthcoming. More to come as this develops.