**Attending**
Brendan Bellina, USC (chair)
Debbie Bucci, NIH
Jim Leous, Penn State
Michael Pelikan, Penn State
Scott Cantor, Ohio State
Renee Frost, Internet2
Tom Barton, U. Chicago
Todd Piket, Minnesota State Colleges and Universities system
Paul Caskey, U. Texas System
Nate Klingenstein, Internet2
Steve Olshansky, Internet2 (scribe)
**New Action Items**
[AI] (Brendan) will send the eduPerson draft to MACE for final comment and approval as eduPerson (200806)
[AI] (Debbie) will summarize her conclusions from the call in an e-mail to the MACE-Dir and InC-NIH lists.
*Carryover Action Items*
[AI] (SteveO) will add named anchors to the published eduPerson spec to make navigation easier.
[AI] (RL "Bob") will announce eduPersonAssurance on the TF-EMC2 list
[AI] {Bill Weems} will share a whitepaper addressing global Identity Management.
[AI] {Tim Crouch} Craft a survey on eduCourse adoption and usage.
[AI] {Bob Morgan} will craft a survey on use of the mail attribute and possible need for additional email attributes.
**Discussion**
- Finalization of eduPerson 200806 draft <https://spaces.internet2.edu/display/macedir/Draft+eduPerson+200806>
The group discussed the primary change, the addition of 2.2.11. eduPersonAssurance. The text is intentionally a bit vague to allow for flexibility in implementation. This will likely need to be revisited in the future when LOA2 applications require it.
[AI] (Brendan) will send the eduPerson draft to MACE for final comment and approval as eduPerson (200806)
- NIH attribute requirements
Following up on a recent thread on the mailing list, the group discussed the attributes which will be required by NIH for their early LOA1 applications, and how they will be used internally to NIH.
The discussion centered around the displayName and commonName attributes, and which would better suit NIH in this context.
The particular order and syntax will vary depending upon how IdPs have decided to populate the attributes in their directories. It will be up to NIH to decide how this flexibility will fit in their environment, and what if any data manipulation might be required on their end to make the incoming attributes appropriate for the consuming application(s).
LOA will be assumed to be LOA1 for now.
The core question would seem to be: What will be the minimum operational requirements for NIH applications, and what will be the policy requirements internal to NIH about handling the data provided by SPs? There may be some adjustments required by NIH after they gain some experience in practice.
As a unique persistent identifier for their purposes, will NIH require eduPersonPrincipalName (ePPN), which may be recycled after some period of time by some IdPs, or will they require eduPersonTargetedID (ePTID), which is by definition unique?
Perhaps NIH could require a certain guaranteed minimum period for ePPN reassignment in order for it to be acceptable, but since some users persist in their relationships with NIH for decades this would likely be substantial. ePTID is not yet commonly supported by IdPs, so requiring it would likely exclude many potential users.
NIH needs a unique persistent identifier that is shared across NIH applications. It was noted that no identifier is perfect; they all have problems of some sort.
If NIH requires both ePPN and ePTID, and if the ePPN changes and is reassigned at some point, the ePTID (remaining persistent) could then be used to identify the user across multiple applications. This defeats the privacy-preserving purpose of using ePTID; however, for their use case this is likely not a problem, since they will know the user identities through other means.
Institutional affiliations, which in many cases could be multiple for individual users, were declared largely not relevant to this discussion, at least for now.
http://www.nih.gov/participant was proposed as the attribute to hold affiliations.
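The ePPN/ePTID option discussed above (require both, and treat ePTID as the stable key when an ePPN changes or is reassigned) is sketched below as an added example. It is not from the call or from NIH; the class and function names, the event labels and the sample identifier values are all hypothetical.

```python
from dataclasses import dataclass, field

@dataclass
class Account:
    account_id: int
    eptid: str
    eppn: str  # set to None once the IdP reassigns it to someone else
    former_eppns: list = field(default_factory=list)

class AccountStore:
    """In-memory stand-in for a relying party's user table (hypothetical)."""
    def __init__(self):
        self.by_eptid, self.by_eppn, self._next_id = {}, {}, 1

    def resolve(self, eppn, eptid):
        """Map one login carrying both identifiers to (account, event)."""
        if not eppn or not eptid:
            raise ValueError("both ePPN and ePTID are required")
        acct, holder = self.by_eptid.get(eptid), self.by_eppn.get(eppn)
        if acct is not None and acct.eppn == eppn:
            return acct, "match"
        if holder is not None:
            # ePPN is bound to a different ePTID: it was recycled. Detach it
            # from the previous holder; never merge the two accounts.
            holder.former_eppns.append(eppn)
            holder.eppn = None
            del self.by_eppn[eppn]
        if acct is not None:
            # Same ePTID under a new ePPN: same person, update the name.
            if acct.eppn is not None:
                acct.former_eppns.append(acct.eppn)
                self.by_eppn.pop(acct.eppn, None)
            acct.eppn = eppn
            self.by_eppn[eppn] = acct
            return acct, "eppn_changed"
        acct = Account(self._next_id, eptid, eppn)
        self._next_id += 1
        self.by_eptid[eptid] = self.by_eppn[eppn] = acct
        return acct, "eppn_reassigned" if holder is not None else "new"

def demo():
    # Constructed (ePPN, ePTID) pairs; all values are made up.
    logins = [("jdoe@example.edu", "tid-A"), ("jdoe@example.edu", "tid-A"),
              ("jdoe@example.edu", "tid-B"),    # ePPN recycled to another person
              ("jdoe2@example.edu", "tid-A")]   # first person, renamed
    store = AccountStore()
    return [(a.account_id, ev) for a, ev in (store.resolve(*l) for l in logins)]
```

Keying only on ePPN would have handed the third login the first user's account; the ePTID mismatch is what separates them.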