Attendees:

• David St Pierre Bantz
• Miroslav Milinović
• Marcus H
• Bas Zoetekouw
• Björn Mattsson@BTH
• Jens Jensen
• Jule Ziegler
• Marina Adomeit
• Pål Axelsson
• Scott Cantor
• Mikael Linden
• Tom Barton
• Nicolas Liampotis
• Jon Agland
• Alex Stuart
• Heather Flanagan

V/C info

Topic: R&S 2.0 WG call
Time: Mar 29, 2021 06:00 AM Pacific Time (US and Canada), 13:00 UTC

Join Zoom Meeting
https://us02web.zoom.us/j/82724472076?pwd=ZDFNOXhEeEVsZXlQV3ZaU1hBNlhHQT09

Meeting ID: 827 2447 2076
Passcode: 283788
One tap mobile
+12532158782,,82724472076#,,,,*283788# US (Tacoma)
+13462487799,,82724472076#,,,,*283788# US (Houston)

Dial by your location
+1 253 215 8782 US (Tacoma)
+1 346 248 7799 US (Houston)
+1 669 900 6833 US (San Jose)
+1 929 205 6099 US (New York)
+1 301 715 8592 US (Washington DC)
+1 312 626 6799 US (Chicago)
Meeting ID: 827 2447 2076
Passcode: 283788
Find your local number: https://us02web.zoom.us/u/kdsrsBMKhF

Join by Skype for Business
https://us02web.zoom.us/skype/82724472076

Calendar link HERE

Working Draft

• Draft spec for R&S 2.0

Agenda

1. Recap of consensus so far
   1. The FAQ will be revised to offer clarity on the term "affiliation" (see Research and Scholarship FAQ) and editorial changes made to the spec to make it more clear (see new draft spec for updated structure)
   2. eduPersonScopedAffiliation will become a required value
   3. R&S will require privacy statements
   4. Encouraging the use of eduPersonAssurance requires further discussion with the Assurance Working group
   5. subject-id should be listed as the new identifier
   6. R&S 1.3 and R&S 2.0 can co-exist; no migration detail will be included in the spec itself.
   7. ePPN and targeted ID to both be removed from R&S 2.0
   8. Information on OIDC requirements will be moved to R&S 2.1 (after the OIDF OIDCre working group has formal documentation in this space)

2. eduPersonAssurance and RAF, continued

3. Home Organization use case (Andrew Morgan and Christos Kanellopoulos )

   1. This item may be moved to the next call
4. Proposal to require DisplayName (Petersen )
   
   1. This item may be moved to the next call

Notes

1. Recap of consensus so far
   1. The FAQ will be revised to offer clarity on the term "affiliation" (see Research and Scholarship FAQ) and editorial changes made to the spec to make it more clear (see new draft spec for updated structure)
   2. eduPersonScopedAffiliation will become a required value
   3. R&S will require privacy statements
   4. Encouraging the use of eduPersonAssurance requires further discussion with the Assurance Working group
   5. subject-id should be listed as the new identifier
   6. R&S 1.3 and R&S 2.0 can co-exist; no migration detail will be included in the spec itself.
   7. ePPN and targeted ID to both be removed from R&S 2.0
   8. Information on OIDC requirements will be moved to R&S 2.1 (after the OIDF OIDCre working group has formal documentation in this space)

2. eduPersonAssurance and RAF, continued

   1. Changes to the draft spec include recommending REFEDS framework, but not requiring it

   2. One argument for not including assurance is that this still doesn't include requirements around MFA, which will be a common consideration; if we don't do both, is it worth doing assurance at all?

   3. The assurance information is different in character than the current R&S personal data attributes. Many people will view the GDPR that anything you send in this context -- attribute bundles about subjects -- is subject to that regulation. So, we really want to take advantage of the data minimization aspects of the R&S program.

   • though this is probably no more identifying than affiliation, but assurance does talk about the attributes sent, so it's not completely detached from personal information

   • 86% said to go ahead and include it, so we'll go ahead and leave the text in, and understand that this will probably be debated further during consultation

     •  

       Scott Cantor to clean up one more section to include the assurance info

3. Home Organization use case (Andrew Morgan and Christos Kanellopoulos )

   1. This item may be moved to the next callInterested parties were not on the call to discuss
4. Proposal to require DisplayName (Petersen )
   

   1. This might have been primarily related to the OIDC information, which has been removed from the spec (for now)

   2. That said, there is an i18n component to allow for the full and proper form of a name, which may not break down neatly in the existing attribute.

   3. Need to discuss further on our next call
5. Next steps
   1. Heather will send out a doodle poll for our next call, which will focus on Home Org and DisplayName. The goal will be to come to consensus on the remaining items on that call and get ready for the consultation period. item may be moved to the next call