*VidMid-VC Conference Call*
February 25, 2002

*Attendees*

Ken Klingenstein - Colorado/Internet2
Michael Gettes - Georgetown
Tyler Johnson - UNC-CH
Mary Fran Yafchak - SURA
Jill Gemmill - U. Alabama (Birmingham)
Art Vandenberg - Georgia State
William Rhodes - U. Tennessee (Knoxville)
Tom Barton - U. Memphis
John McNair - U. Tennessee (Knoxville)
Steve Olshansky - Internet2
Ann West - Internet2
Mark Driver (scribe) - Internet2

*Discussion*

Ken is confident that VidMid-VC can provide white papers describing authn/z, interrealm directory services, and resource discovery for the NMI 1.0 release in April. One of the primary goals will be to shape the research direction for NMI 2.0 grants. Steve will schedule subgroup conference times; white papers should be circulated widely and quickly to ensure a comprehensive perspective and adequate vetting.

Ken described recent efforts towards a federated architecture, but stated that no model accomplishes the inter-domain integration of resources adequately yet. The IETF is developing an authz mechanism for media services which illustrates policy decision points, but seems confined to autonomous domains. Inter-domain authn/authz payloads and flows need to be modeled and disseminated. A native authn/authz approach can be complemented by the passing of tokens/credentials in the payload fields.

SIPComm is reported to be rewriting their proxies and user agent code to parse XML; Microsoft has published specifications on their Kerberos PAC (Privilege Access Certificate) token passing mechanism. Both developments have added to the complexity of the federated administration discussion. The VidMid-VC authn/authz group should consider both PKI- and XML/Kerberos-based approaches. WebISO provides backend authn using XML inside a cookie. Global XML Web Services Architecture (GXA), a Microsoft & IBM partnership, might also be leveraged.

Art suggested the resource discovery paper should focus on current/best practices and present a survey of pragmatic solutions. Basic activities such as registry design, registration process, lists of resources and binding mechanism can be incorporated into the VidMid-VC reference model.

The Tempe CAMP meeting last month illustrated gaps in campus deployments. Microsoft .NET is becoming involved with Grids; some members of the Grid community, led by Avaki, have proposed a naming protocol (Secure Grid Naming Protocol - SGNP) to replace DNS in Grid environments. Balkanization of the standardization process is causing difficulties; Ken has been appointed to the Global Grid Forum steering committee and will focus on resource discovery and security to help align VidMid and Grid efforts. The Access Grid takes an application-focused, bottom-up, virtual organization approach while VidMid has a middleware-focused, top-down, federated administration perspective. Coordinated development will allow the former to be built upon the latter.

Tyler pointed out the need for consistent nomenclature within and between protocols; Internet2 must also ensure internal consistency with other working groups, such as QoS, eduPerson, etc. JINI, UDDI, CORBA and Web services need semantic uniformity as well. Tyler wants to promote the videoconferencing object classes to a standards-track document that is referenced by the object class white paper. He hopes to incorporate an attribute referencing commObject into eduPerson, while submitting it to ITU/IETF for broader consideration. References between commObject and eduPerson will be discussed on the Internet2 LDAP call.

*New Action Items*

1. [AI] 25-Feb-02 SteveO to coordinate weekly conference calls to discuss authn/authz and focus on white paper deliverable for NMI R.1.
2. [AI] 25-Feb-02 Ken to create workplan for authn/authz subgroup.
3. [AI] (Deleted)
4. [AI] 25-Feb-02 Tyler, Jill and John or William to participate in authn/authz subgroup.
5. [AI] 25-Feb-02 Egon and Jill to describe authn/authz flows on UNC reference model.
6. [AI] 25-Feb-02 SteveO to make a first pass through scenarios describing authn/authz flows, extracting and prioritizing requirements.
7. [AI] (Deleted)
8. [AI] 25-Feb-02 Ken will distribute a one page document on Access Grids.
9. [AI] 25-Feb-02 Ken will follow up with Microsoft regarding SIP videoconferencing testbed implementation.

[Note: previous action items are in the process of being reorganized and updated - coming soon...]

Next Call: Monday, March 11, 2002, 11:00 a.m. EST