VidMid-VC Conference Call June 28, 2004
*Action Items*
[AI] {Nadim} will send a summary paragraph to Lisa Hogeboom about the WG’s
BoF session at the Internet2 Fall Member Meeting.
[AI] {Nadim} will invite Bob Morgan, Scott Cantor, Steve Carmody and Martin
Euchner to join the next call to discuss Federated Secure Multimedia with a
thin security agent.
[AI] {Nadim} will invite Jamey Hicks, Ben Teitelbaum and Samir Chatterjee to
join the next call to discuss the PIC requirements for the Internet2 Fall Member
Meeting.
*Attendees*
Nadim El-Khoury, University of North Carolina, Chapel Hill (Chair)
Tyler Johnson, University of North Carolina, Chapel Hill
Jill Gemmill, University of Alabama, Birmingham
Jeanette Fielden, Internet2
Lisa Hogeboom, Internet2
Steve Olshansky, Internet2
Terrie Clark, Internet2
*Discussion*
All communications and work of Internet2 WGs are subject to the Internet2
Intellectual Property Framework (http://members.internet2.edu/intellectualproperty.html);
please review this page.
The VidMid-VC WG will hold a BoF session during the previously scheduled Internet2 Fall Member Meeting, September 27 – 30, 2004 in Austin, Texas (http://events.internet2.edu/2004/fall-mm/). This is an open working group session for the VidMid-VC group. The goal of this session is to gain consensus on the best way to achieve Federated Secure Internet Conferencing and to further the discussions on developing a "security agent" operating outside of any multimedia protocols.
In the federated approach to videoconferencing, the group proposes a thin layer interfacing the SIP and H.323 applications with the middleware infrastructure. This new layer handles authentication and authorization. The new thin layer does not recreate the authentication-authorization infrastructure, but rather serves as an intermediary layer to transparently bridge the VC client applications into it. The thin layer will also convert or relay the authentication/authorization information into a format suitable for transport inside the underlying protocol. The protocols may need to adapt, perhaps adding a new message or message type. How is this different from AAA engines or IETF solutions? The standards-body approach is not federated, and no further development is planned for Diameter. The proposed solution offers a federated authentication and authorization structure to replace single root-type structures.
Using the proposed solution, the application is not required to have embedded knowledge of the security infrastructure. It is only required to interface with the security layer. This differs from the Pluggable Authentication Model (PAM) in that the security layer is specifically federated and achieves end-user mutual authentication. The proposed solution is a forward-looking conceptual model of the WG’s view of a federated security approach. It will result in a set of APIs detailing the protocol that would be submitted to the appropriate standards organization(s).
The group discussed ways to garner agreement on the scope of the proposed solution.
What are the appropriate real-time collaborative applications required to develop
a complete federated security model? And how should the group approach standards
organizations to achieve political support and technical cohesion for the proposed
solution? The group will further discuss the proposed solution during the next
call.
The group discussed the PIC demonstration at the Internet2 Fall Member Meeting.
The proposed demonstration requires that individuals registering for the meeting
would be given a SIP.edu account designed to function with a location tracker
package. This requires developing/assigning configurations for all participants.
Scaling is the issue. H.350 can be used to configure all the endpoints. What
changes to the SIP.edu client are required to accommodate H.350? What must subsequently
be H.350-enabled? The group will discuss this issue during the next call.
The next call will be Monday, July 12, 2004 at 11:00AM ET.