MACE Call: 4-Feb-2008

*Attendees*
R.L. "Bob" Morgan, U. Washington (chair)
Scotty Logan, Stanford
Tom Barton, U. Chicago
David Wasley, independent
Nate Klingenstein, Internet2
Jens Haeusser, U. British Columbia
Steve Carmody, Brown U.
Jim Jokl, U. Virginia
Scott Cantor, OSU
Ann West, Internet2/Educause
Neal McBurnett, Internet2
Leif Johansson, Stockholm U.
Steve Olshansky, Internet2 (scribe)

*Discussion*

Upcoming meetings:

- CAMP: Bridging Security and Identity Management
February 13–15, Tempe, AZ
http://www.educause.edu/camp081
Camp has sold out, and planning is near complete. It has attracted a good mix of security and middleware attendees.

- Mellon RIT
Annual gathering of Mellon funded projects at the end of February. Ken and Jens are planning to attend. The agenda has not yet been distributed. Unlike last year there will not be an OKI meeting preceding it.

- Shibboleth Camp (InstallFest)
2-3 days in Ann Arbor MI mid-May, adjacent to the CSG meeting May 14-16. The Shibboleth core team is hard at work on the planning. Website and registration are not yet live, the announcement is expected in 2-3 weeks. Attendees will be taken through the install process for Shib 2.0, using processes evolved from past similar events.

- JASIG
April 27-30, St. Paul, MN
http://www.ja-sig.org/conferences/08spring/
Just after the Spring Internet2 Member Meeting. They recently released their CFP and are soliciting submissions from usual Internet2 and Educause IdM communities. Ann is on the program committee. Scott and Tom are presenting an IdM pre-conference seminar for developers.

- IDTrust Meeting
March 4-6, Gaithersburg MD (NIST)
http://middleware.internet2.edu/idtrust/2008/
Several papers have been accepted and are on the website.

- Spring Internet2 Member Meeting
http://events.internet2.edu/2008/spring-mm/
Tom is on the program committee. As in the past there are a number of IdM-related sessions proposed.

- ITANA/AdvancedCAMP – It is not yet clear whether these meetings will take place this year. More to come on this as it develops.

-AACRAO Annual Meeting
March 24-27, Orlando FL
http://www.aacrao.org/orlando/
Ann will be presenting at this meeting.

-AACRAO Tech Conference
July 10-12, Baltimore MD
http://www.aacrao.org/tech08/index.htm
They don't have a website yet for the IdM Workshop, which will be held from roughly Noon Wednesday July 9 to Noon Thursday July 10. One of the main objectives will be vetting an initial draft of an whitepaper on IdM for student services.

* LIGO post-hackathon*
There was a debrief call among the participants on our side who took part in the recent hackathon at CalTech. LIGO already had a KDC and LDAP server up and running, which were utilized for the COmanage proof of concept.  Only ~12% of LIGO users are on campuses that have a Shib IdP installed, so they  got a Shib IdP running against their KDC, and Grouper, installed and configured. The hope is that more campuses with stand up IdPs going forward, but it appears that they will need to run their own centralized IdP for quite a while at least.

There were good lessons learned about the Internet2 tools related to UI, error-handling, and packaging. The LIGO folks were enthusiastic about the tools, and now that they understand them better they are looking at ways to leverage them within their environment. Since they are comfortable using VMWare we can easily hand them new images when our tools release new versions.

Ongoing, we expect that we will continue to work with LIGO as this develops. They expressed a desire for a centralized COmanage support infrastructure, into which they could submit issues related to COmanage itself (i.e. not the particular components, which already have their own respective JIRA systems).

*OpenID / OAuth*
There have been discussions among the Shibboleth core team about whether Shibboleth should support OpenID, given how widespread it is becoming. Is this worth doing, given other priorities? What would be the drivers/benefits?

Some of the questions involve the potential pros and  cons of using campus-assigned identities for accessing non-university supported applications, such as social networking sites. There are likely to be different policy foundations involved, which could make the landscape complex. There are likely substantial policy objections among campus IdM folks about using campus identities for non-campus applications.

It will be instructive to watch how governments and major vendors proceed in supporting (or not) user-centric protocols, particularly in the context of higher ed institutions.