*Attendees*
Nadim El-Khoury, UNC
Tyler Johnson, UNC
Jeanette Fielden, Internet2
Steve Olshansky, Internet2
Samir Chatterjee, CGU
Scott Cantor, OSU
*Discussion*
Shib aware proxy and gatekeepers: Either an endpoint or user agent would authenticate
against an LDAP/enterprise directory or other mechanism. A user could authenticate
to either a gatekeeper or proxy that then forwards the credential to the enterprise
directory, gets a response, attribute assertions, and forwards those on to the
next gatekeeper/proxy if the user is trying to contact someone outside the domain.
The gatekeeper/proxy would act as both an origin and a target. If you push an
attribute assertion between gateways, the Shibboleth code should drop neatly
into different environments to do things like evaluating signatures, trust and
policy decisions.
In a forwarding model the trust question has to be addressed: who are you trusting, and for what purpose? If you forward an unsigned assertion, it is the gatekeepers themselves that are asserting attributes to each other, so they would have to be able to mutually authenticate. You could either push attributes, or push a subject that the other gatekeeper can use to make an attribute query. If you push attributes you have to think through the trust implications.
Shibboleth does not do authorization. Shib is a trusted means of transport for assertions, so that authorization decisions can be made on the target side. It is up to the target to make the decisions and implement the systems required. A sample of how to do authorization that emulates htaccess files is included, but that is just intended to show one way you can use attributes. You can encode information into attributes to do authorization; SAML does not know that the attributes represent a particular policy.
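The forwarding model and its trust question above, together with the point that authorization stays with the target, as an added example that is not part of these minutes or of Shibboleth's own code. It assumes HMAC with pre-shared keys as a stand-in for the origin's assertion signature, and all issuer names, keys and attributes are constructed.

```python
import hashlib
import hmac
import json
# Constructed demo keys; HMAC stands in for the signature an origin puts on a SAML assertion.
ORIGIN_KEY, GATEKEEPER_KEY = b"constructed-origin-key", b"constructed-gatekeeper-key"

def sign(issuer, subject, attributes, key):
    """Issuer (an origin, or a gatekeeper re-asserting) signs an attribute assertion."""
    body = {"issuer": issuer, "subject": subject, "attributes": attributes}
    payload = json.dumps(body, sort_keys=True).encode()
    return {"body": body, "sig": hmac.new(key, payload, hashlib.sha256).hexdigest()}

def relay(assertion, gatekeeper):
    """Gatekeeper/proxy forwards the signed assertion unchanged to the next domain."""
    return {**assertion, "hops": assertion.get("hops", []) + [gatekeeper]}

def reassert(assertion, gatekeeper, key):
    """Forwarding without the origin's signature: the gatekeeper now asserts the
    attributes itself, so the next hop is trusting the gatekeeper, not the origin."""
    body = assertion["body"]
    return sign(gatekeeper, body["subject"], body["attributes"], key)

def verify(assertion, trusted_issuers):
    """Target checks the signature with the key of the issuer it trusts (hop count is
    irrelevant). Returns the attributes, or None if issuer is unknown or body altered."""
    body = assertion["body"]
    key = trusted_issuers.get(body["issuer"])
    if key is None:
        return None
    expected = hmac.new(key, json.dumps(body, sort_keys=True).encode(), hashlib.sha256)
    return body["attributes"] if hmac.compare_digest(expected.hexdigest(), assertion["sig"]) else None

def authorize(attributes, policy):
    """Authorization is the target's own job: SAML only transported the attributes."""
    return attributes is not None and policy(attributes)

def demo():
    origin = sign("origin.example.edu", "alice", {"affiliation": "staff"}, ORIGIN_KEY)
    relayed = relay(relay(origin, "gk.example.edu"), "gk.example.net")  # two hops
    tampered = {**origin, "body": {**origin["body"], "attributes": {"affiliation": "faculty"}}}
    reasserted = reassert(origin, "gk.example.edu", GATEKEEPER_KEY)
    trust_origin = {"origin.example.edu": ORIGIN_KEY}
    trust_both = {**trust_origin, "gk.example.edu": GATEKEEPER_KEY}
    policy = lambda a: a.get("affiliation") in ("staff", "faculty")
    return {
        "relayed_ok": authorize(verify(relayed, trust_origin), policy),
        "tampered_rejected": verify(tampered, trust_origin) is None,
        "reasserted_rejected_without_gk_trust": verify(reasserted, trust_origin) is None,
        "reasserted_ok_with_gk_trust": authorize(verify(reasserted, trust_both), policy),
    }
```

Every value returned by `demo()` is True: a signed assertion survives any number of hops, an altered body or an unknown issuer is rejected, and a gatekeeper-asserted copy is only accepted once the target has decided to trust that gatekeeper.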
How can VidMid VC play a role in non-web Shibboleth applications? A detailed analysis of a use case, with goals at each stage, is needed. The analysis needs to detail which protocols are in play at each stage of the flow, and where and how the kinds of credentials delivered into those flows would be bound. This will help the Shib team understand what pieces already exist and which ones would need to be built.
Tyler talked about the ITU Study Group 16 e-health initiative, which will be the focus of their January meeting. Secure teleconferencing for medical applications, and the requirements to implement it, would be a good submission for the initiative. It would need to describe all the pieces necessary to have secure videoconferencing for medical applications. The goal would be by January to have a model for a complete secure conferencing system and have support from the medical community for it. If the ITU accepted the submission as a work item there would be time to develop it in necessary detail.
In the United States, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) has created a number of requirements around the security of medical information. Tyler feels that security requirements for HIPAA are good sense for all secure videoconferencing. While HIPAA is specific to the U.S. it was agreed that the approach could focus on HIPAA and healthcare and then can be generalized to meet other secure videoconferencing needs. The approach will not be restricted to the medical community but will be one that will explicitly work for the medical community.
A medical use case scenario would describe a full end-to-end system. It would
include not just the protocol, but also multiple authentication domains, and
a specific way to manage certs that could be implemented by vendors. It would
need to be clear enough so the Shib community could look at where federation
plays a role and the medical community could use it as a reference for what
they're being asked to implement. Samir is working with a medical group
in Loma Linda on features and requirements that would meet their needs. Nadim
is sitting in on the Internet2 medical middleware (MedMid) calls to develop
working connections with them.
[AI] Tyler will write a preliminary outline of a medical case for the next call.
How can Samir’s concept of conference management be tied into middleware?
Samir is aware of two vendor products for conference management but hasn't fully
explored them. One is from Wave Three Software and the other is Speak Conference Director.
Both are partly proprietary. There is a need for a generic conference management
tool to help manage large conferences and help with flow control.
[AI] Samir will write up the main ideas of conference management and how we
might tie into directories.
[AI] Nadim will e-mail the list asking about vconf.