*MACE-WebISO Conference Call*
February 5, 2002

*Participants*

Nathan Dors -- Washington(chair)
Steven Carmody -- Brown
Tom Dopirak -- CMU
Jeff Eaton -- CMU
Scott Fullerton -- Wisconsin
Steve Willey -- Washington
Ellen Vaughan -- Internet2
Nate Klingenstein -- Internet2(scribe)

*Discussion*

Kiosks

	Documents may emerge from the Shibboleth space defining what 
Shibboleth may need from a basic WebISO system to be packaged with 
Shibboleth distributions to add a complete solution.  A brief 
rediscussion of the library scenario followed, with question about 
whether it would make any difference to Shibboleth.  The group assumed 
that not much would change; there could either be a typed handle, which 
would contain information in it which would distinguish the terminal as 
potentially open to broader access, or a set of default attributes to be 
sent for this sort of anonymous login, or a default login to be 
associated with that server which would have a certain directory entry 
and set of ARP's predefined.
	The discussion was forked into two real scenarios; one being an 
academic computer in a relatively controlled lab, and the other being an 
extremely public terminal.  Tom's distinction was that assumptions could 
be made about a computer in a lab, or a brief login could be made, but 
if a public terminal were in a bus station, any assumption about the 
identity or permissions of the individual using the kiosk would be 
unlikely.  The group suggested that the coffee-shop kiosk have 
extraordinarily long-lived cookies since nothing would be assumed of the 
user, but that the cookies issued to the academic lab be made fairly 
short-lived when there is an authentication of some grade invovled.  
[AI] Tom offered to expand further on kiosks and kiosk scenarios to 
drive more discussion.

Miscellany

	Quick mention was made at the open of the call about redesigning 
the default login screen for Pubcookie.  This prompted a comment that 
there has been no real resesarch on cross-web-server usability goals and 
determination of how much complexity end users can typically 
understand.  OKI has found a need to create sessions for people who just 
want to browse but may want to access more of the courseware later.  
This presents a scenario for the tiered login and existence of 
application domains earlier discussed by Michael Gettes of Georgetown 
and Ryan Muldoon of Wisconsin.

*Action Items*

1.  Tom will expand further on kiosks and kiosk scenarios to drive more 
discussion.