Signet Working Group conference call March 3, 2006

Signet Working Group conference call
March 3, 2006

*Attendees*
Lynn McRae, Stanford U. (chair)
Minh Nguyen, Stanford U.
Gary Brown, U. Bristol
Brendan Bellina, USC
Tom Barton, U. Chicago
Steve Barrett, Cornell U.
Joy Veronneau, Cornell, U.
Steve Olshansky, Internet2
Jessica Bibbee, Internet2 (scribe)

Carry Over *Action Items*

[AI] {Lynn} will request a copy of the guidelines for logo use from {Greg Wood}.

[AI] {Lynn} will move the documentation from the Stanford site to the Signet WG homepage.

[AI] Please contact {Ann} if you are interested in registering for the Signet/Grouper Early Adopters Deployment Workshop

[AI] {Bob} will send .htaccess local syntax to the group via the list.

[AI] {Tom} will send a few brief Signet case studies to the group via the list.

[AI] {Group} will develop use cases for Signet. [AI] {Jennifer} will solicit on site feedback from UC Davis about the UI demo/mock up.

[AI] {Minh} will develop a list of requirements for how Signet will interface with LDAP and Grouper.

[AI] {Tom, Jennifer, and Gary Brown} will discuss the modularity of Signet's UI and the internationalization of code for Grouper and Signet. There will be a separate call for this item.

[AI] {Lynn} will write up a person and function summary to express the relationship of privileges to roles and to determine what gets expressed in the eduPerson entitlement space.

*Discussion*

An email will be sent to participants of the Signet/Grouper Early Adopters Deployment Workshop with questions and updated information about the workshop schedule. Roughly 30 attendees from 13 institutions have signed up for the workshop thus far. The Group discussed progress on Signet work – Bugzilla, fixes, CVS, patches, contributions, etc. Currently, Bugzilla is set up so that anyone may create an account; they also have read and write access to submit bugs. Not everyone will be able to edit a submission, though they can add comments. Documentation will be adjusted to reflect the procedure for submitting bugs.

Bugs will be fixed and included in subsequent minor releases, such as v1.0.1, etc., with changes reflected in the README. Those downloading the release for the first time will get the most current version with any bug fixes; however, the Group decided that it would be best to have those fixes available, such that those who have already installed will not have to do a complete re-install.

{Tom} explored how permission information may be represented in a directory, by way of an eduPersonEntitlement and eduPermission Object Class. He is looking at various schemas for presenting Signet permissions in LDAP, group membership, and XML schema for configuring a JNDI connector to maintain instances of those LDAP schema (cf. Tom's email on 2-Mar). There are some weaknesses in using eduPersonEntitlement, which is generic by nature and provides restricted capabilities for complex queries based on string pattern matching.

The Group discussed syntax for .htaccess files and means of filtering attributes in a directory. If embedding in XML can be avoided (else need an XML parser), the optimum solution is to use what LDAP provides. The structure of subentries seems to satisfy requirements more easily than eduPersonEntitlement; the Group informally decided to support the use of subentries. Any feedback of its use will either validate its viability or provide justification to look to another approach. The Apache model may prove useful in targeting permissions. How can a permission be mapped – can it be expressed as a role in isMemberOf attribute? The Group discussed next steps to actualizing eduPermission.

The next Signet WG conference call will be held on Friday, March 17 at 11am ET.