Child pages
  • 2019-11-25 Baseline Expectation Meeting
Skip to end of metadata
Go to start of metadata

Date

at 15:00 CEST

Attendees

  1. Brook Schofield
  2. Casper Dreef
  3. Rhys Smith
  4. Mario Reale
  5. Pål Axelsson
  6. Anass CHABLI
  7. Ivan Kanakarakis
  8. Tom Barton
  9.  Alex Stuart ← current job at Jisc (Alex Stuart is the old job)
  10. Wolfgang Pempe
  11. Miroslav Milinović
  12. Brett T Bieber
  13. Jon Agland
  14. Alan Buxey
  15. Chrisopher Whalen
  16. Mark Williams

Apologies

Goals

To discuss initial proposals for Baseline Expectations as laid out at Baseline Expectations Working Group.

Discussion items

General Discussion

  1.  Baseline Expectations of Federation Operators.  eduGAIN Policy already covers all(?) of these issues.  Do we need to include this in a baseline proposal or should this be left to the existing eduGAIN policy?
    Particularly Profile v2. Will be relaunched on 9 December. Should this profile be included in this Baseline? How do we convey Baseline Expectations to users?
    Should eduGAIN be the aggregate of federation rules? Yes, it's the baseline of all interfederation. The eG Baseline level is defined and ok-ed by the Steering Group.
    1. eduGAIN doesn't have a specific role in the baseline space other than supporting federations.
    2. Pål contents that it is a different scale but Tom commented that it is only in support of federation operators.
    3. Compliance with the profile_v2 requirements isn't necessarily improving the metadata feed (hide-from-discovery doesn't give you a get out of gaol free card - Alan referenced that this makes sense now - but it wasn't included in the discussions when the profile was created).
    4. Many of the instances in federations that aren't well described with mdui: or logos are test/UAT instances of services.
    5. From Jon Agland UKf stats for mdui 36.2% of SPs and 36.5% of IdPs
(but not necessarily logo!) and UK federation won't export these services to eduGAIN (while InCommon will kick these services out of its federation, and thus the eduGAIN export).
  2. Baseline Expectations of Service Providers. What is missing?  R&S? CoCo here or not?
    1. R&S - is this a MUST or SHOULD?
    2. Pål contents that R&S should be a "Best Practice" rather than a baseline as the result of which would make eduGAIN an R&S only interfederation environment.
    3. CoCo?
  3. Baseline Expectations of Identity Providers.  What is missing? MFA / SFA?
    1. MFA/SFA should be a "Best Practice" and agreement on moving from username/password only authentication is almost universal - but practical implementation is expected to take some time to complete.
    2. Rhys said that "Baseline" should be focused toward interoperability and not design decisions of an IdP installation or SP requirement.
    3. Tom clarified that there is often confusion between "strong authentication" vs "signalling for MFA/SFA".
    4. Alan referenced that the need for MFA/SFA signalling in metadata is needed for discovery services so that services can exclude IdPs from the discovery interface - rather than cause a failure at run time.
    5. Developing the specification and allowing the tooling to catch up was an issue with SIRTIF adoption initially.
    6. Authentication Performed vs Identity Vetting Assurance are different and a specification on how to support this (one or other or both combined).
  4. How to fit this with existing federation policy?
    1. There is a place for SIRTFI as this relates to incident response.
    2. There is a place for mdui: as this relates to discovery.
    3. Federation policy could/should include MFA/SFA and be eduGAIN "best practice"
  5. Versioning vs Evolution of Baseline. (MUST vs SHOULD discussion)
    1. Tom Barton commented on how we approach this work over time. This is a process where the institutional knowledge comes and goes.
    2. Should profile_v3 be more restrictive again? Pål commented that we always need to make options obsolete.
    3. Miro is a supporter of the versioning of future profiles. A roadmap showing progression over time would be useful in this regard.
  6. ACAMP session? Pål, Tom, Rhys, Alan, Mark will be at TechEx/ACAMP on 11th & 12th December.

Problems with moving forward

Ensuring that the focus is on interoperability between federations and doesn't drift into areas of best practice that should be the focus of federations.


Next steps

  • Alan Buxeyto report back on the ACAMP topics relating to baseline at the next meeting.
     

Action items

DescriptionDue dateAssigneeTask appears on
  • Albert Wu @shannon roddy, @meshna  continue with introduction-smithing
Albert Wu2020-11-10 Baseline Expectations meeting
  • Tom - can we write up a process document, things that need to be done. process cannot be directly given.  (Alan - are there any particular parts of process that can be adopted from previous work in InCommon?  surely some actions are reproducible)
2020-10-13 Baseline Expectations meeting
  • Tom - create a doc to be signed up to to say 'were going to do this
2020-10-13 Baseline Expectations meeting
  • Alan - MOU?
2020-10-13 Baseline Expectations meeting
  • Tom - yes.  get federations to sign up,..do phase1, phase 2 etc
2020-10-13 Baseline Expectations meeting
  • Alan - phase 1? is this all the current BE or just some parts?
2020-10-13 Baseline Expectations meeting
  • Tom - just some parts
2020-10-13 Baseline Expectations meeting
  • Alan - any particular parts? biggest itches to scratch?
2020-10-13 Baseline Expectations meeting
  • Tom - errorURL, we missed that one. also contact details in metadata
2020-10-13 Baseline Expectations meeting
  • Pal - is REFEDS the right place for this? 
2020-10-13 Baseline Expectations meeting
  • Meshna - why do you ask, have another body in mind?
2020-10-13 Baseline Expectations meeting
  • Pal - REFEDS cannot command...eduGAIN has leverage
2020-10-13 Baseline Expectations meeting
  • Christopher - NIH requirements for MFA etc 
2020-10-13 Baseline Expectations meeting
  • Alan - okay, so we have several docs...process, REFEDS mapping, eduGAIN profile missing parts, MOU. 
2020-10-13 Baseline Expectations meeting
  • Pal - at TechEXTRA one of the worlds biggest funders came along asking for things , 
2020-10-13 Baseline Expectations meeting
  • Christopher - MFA requirement
2020-10-13 Baseline Expectations meeting
  • introduction text not yet rewritten - this is going to be actioned
2020-10-13 Baseline Expectations meeting
  • Albert and Shannon to draft a rewrite of the first introduction paragraph. the group did some chopping and changing of words but no decisive words resulted. Rather than starting with the trust question, we are going to note the Identity Federation (what is Identity Federation? we've never defined what everything is at a higher level in an agreed term) and then ask how do we trust this thing?  need to call out trust relationship and then how that is reached (baseline)
2020-09-29 Baseline Expectations meeting
Alex Stuart2020-06-02 Baseline Expectations meeting
  • Alan Buxeyto examine worldwide federation data to ascertain current populated contact details 
Alan Buxey2020-05-26 Baseline Expectations meeting