**MACE Call 31-January-2011**
**Attending**
RL "Bob" Morgan, U. Washington (chair)
Renee Shuey, Penn State U.
Tom Barton, U. Chicago
Michael Gettes, CMU
Keith Hazelton, U. Wisc. - Madison
Steven Carmody, Brown U.
Scott Cantor, The Ohio State U.
Leif Johansson, SUNET/NORDUnet
Ann West, Internet2
David Wasley, independent
Neal McBurnett, Internet2
Steve Olshansky, Internet2 (scribe)
NEXT CALL: 14-February-2011
**New Action Items**
[AI] (Keith) will write up the current state of the identifier discussion and apparent consensus, and associated explanatory material, for use by REFEDs.
*Carryover Action Items*
[AI] (Ken) will coordinate a small working group with Heather to look into access control and IdM layer requirements for shared file services, calendaring, and web-conferencing in a federation-centric context.
[AI] (All) with suggestions for other foundations that the Shib Consortium could eventually be embedded in are encouraged to discuss them on the list.
[AI] (Ken) will convene a small subgroup of MACE to consider the seed corn issues in more depth and report back on a forthcoming call, soon.
[AI] (Ken) will invite Mike Conlin (U. Florida), the VIVO PI, to a forthcoming MACE call.
[AI] (Keith) will maintain an issues list to inform a potential new charter for MACE-DirNG, syncing it with the FedApps charter.
[AI] (RLBob, Scott, and SteveO) will proceed with the process of formalizing the FedApps working group, including setting up a list/wiki/website, and advertise it in the appropriate venues.
[AI] (Ken) will draft a one-pager about what MACE does and what questions it has, for review by MACE, as a discussion guide with Internet2 leadership.
[AI] (Ken) will distribute a draft requirements framework for VO support engagement
[AI] (David) will contact GSA for an update on the approval process for InCommon Silver.
[AI] (ReneeS) will revisit the list of potential new MACE members on the list.
[AI] (Ken) will revise the mission statement based upon feedback received on the call.
[AI] (Ken) will send out info on DHS secure online transactions
[AI] (Ken) will follow up on a MACE/AMSAC call.
[AI] (Ken) will follow up with Kuali/Rice about I2MI collaboration.
[AI] (Ken) will draft a catalyst doc, covering the key items to be addressed in advising VOs how to use our infrastructure.
[AI] (Leif) will contact Ken/Steven/Tom about potential overlaps between the SDCI proposal and projects in the EU.
[AI] (Leif) will discuss the IDTrust meeting on the PKNG list, seeking feedback.
[AI] (Jens) will speak to an Eduroam rep about communicating with Educause.
[AI] (Ken) will draft and circulate a letter to Rice leadership, requesting input to roadmaps and use cases, and to ensure our projects with Kuali projects are aligned with their high-level strategic direction.
[AI] (Nate) will distribute information to the list about upcoming tactical issues facing MACE
[AI] (All) send Bamboo IAM comments to Tom ASAP for coordination.
[AI] (All) interested in participating in the international collaboration activity contact RL "Bob."
[AI] (RL "Bob") will contact a representative of Kuali Rice about coordinating a call.
[AI] (Ken and Mark) will distribute some information on trust anchors in the context of dynamic network configuration in GENI testbed, as well as for general access control.
[AI] (Ken) will circulate some meeting notes from the last TERENA/ REFEDS meetings.
**Recent meetings**
- CSG
Jan 12-14, 2011, Durham NC (Duke)
http://www.stonesoup.org/meetings/1101/
Assurance was a topic of interest...
- IAMOnline: Panel Discussion About Persistent Identifiers for Education
Jan. 12, 2011
http://www.incommonfederation.org/iamonline/
**Upcoming Meetings**
https://spaces.internet2.edu/display/MACECalendar/MACE+Calendar
- ACAMP 2011
May 25-27, 2011 in Westminster, CO
https://spaces.internet2.edu/display/ACAMPIdSummit2011/Home
ACAMP will be adjacent to the JASIG conference in Denver, and will be similar to past ACAMPs. This will be at the end of May, unlike in past years and branded InCommon. There will be an InC-Silver session.
- InCommon CAMP
This will be held at the end of June in Cincinnati OH.
- RSA
Feb 14-18, 2011, San Francisco CA
http://www.rsaconference.com/2011/usa/
There will be an identity collaboration day adjunct to the main conference. It was observed that Kantara, OpenID, OIX, and InformationCard appear to be losing some constituency/visibility at this meeting, unlike SAML.
- TF-EMC2
Feb 14-15, 2011, Lyon France
http://www.terena.org/activities/tf-emc2/meetings/17/
- IETF 80 - Prague, CR
March 27-April 1, 2011
http://www.ietf.org/meeting/upcoming.html
- IDTrust
Apr 6-7, 2011, Gaithersburg, MD
http://middleware.internet2.edu/idtrust/2011/
This will be mostly panel-oriented. Recommended procedures for app developers to incorporate federated IdM will be addressed. Poster submission deadline will be mid-March.
- Spring 2011 Internet2 Member Meeting
April 18-20, 2011, Arlington, VA
http://events.internet2.edu/2011/spring-mm/
Planning is underway...
- IIW
May 3-5, 2011, Mountain View, CA
http://iiw.idcommons.net/
**Discussion**
- identifier discussions resolving?
The grid use case, and its need for a non-reassignable identifier, has spurred discussion about this on the MACE-Dir mailing list. EPTID would likely meet this need, but federations would need to promote its use more strongly, especially InCommon. Rough consensus from REFEDs about promoting use of EPTID would be useful in this context.
Content providers (e.g. digital library resource vendors) would be a logical target for this evangelization, among others.
Correlation of information about users (i.e. privacy), and human readability, are issues that should be separated from non-reassignability. It was observed that in the US there seem to be a broad spectrum of interpretations of various privacy regulations, as they impact attribute release. The EU seems to be more codified in this respect.
Better documentation on the use of EPTID at the Shib software level, along the lines of a how-to guide, would be useful and is forthcoming.
Clearly-defined problems and use cases are really needed to carry the discussion forward.
It was suggested that since Educause represents a broader higher-ed constituency, it would be useful to include them in this discussion at some point.
[AI] (Keith) will write up the current state of the identifier discussion and apparent consensus, and associated explanatory material, for use by REFEDs.
The relationship between EPTID and privacy rules, and whether this constitutes PII, is something that needs to be clarified but this will likely only happen when it is raised in a real usage scenario.
It was suggested that appending a meeting to the upcoming Spring Internet2 Member Meeting in DC would be a good venue for further discussion on this, with the intent of including relevant government players.
- OpenID group forming? relationship to FedApp?
There has been a series of phone calls on this topic, with a new mailing list and wiki to support it. This will likely be a short term activity.
https://spaces.internet2.edu/display/OpenID/Home
https://lists.internet2.edu/sympa/info/openid
Providing guidance to app developers (toward some degree of standardization), and collecting experience toward informing use cases, are goals of this effort. The demand for, and applicability of, SAML/OpenID gateways is also being examined.
- Membership organization IAM? (Internet2, EDUCAUSE, TERENA, etc)
Momentum on this seems to be increasing, and commonalities are emerging among prominent organizations in the R&E arena -- e.g. the desire for SPs to maintain person registry entries for some users, separate from the IdP, and IdPs also supporting multiple authentication technologies in addition to SAML (OpenID). Managing and assigning permissions to users is a closely related issue.
GlobusOnline and BIRN were cited as examples of large extended VOs taking on identity management challenges.