...

time | topic | presenter
10:30 - 10:40 | Welcome, Agenda Agreement and Open Actions | Pål
10:40 - 10:50 | Service Team Overview - slides | Davide
11:50 - 11:20

Finalise strategy

consultation comments: 2025 eduGAIN Strategy consultation

proposed changes: https://docs.google.com/document/d/12ML76QVSI1n8N5jKRnMIBKeWlHH3Z2bMMJagcSwDBf0/edit?tab=t.0

Next steps: pretty clean copy

Nicole, Casper
11:20 - 11:50

Work Plan - Rebuilding eduGAIN trust

Proposal: 

Create a new version of the proposed roadmap with the following items.

  1. Establish annual check of federation details using the same tooling as the security checks.  Introduce mandatory security contact for federations at this time.
  2. Consult with community on timeline to introduce individual entity filtering.
  3. Working group to "reverse engineer" eduGAIN SAML profile and define whether we need an umbrella for SAML and OIDC requirements. 
  4. Implement security, privacy and assurance requirements in SAML profile and roadmap for adoption. 
  5. Consider tooling requirements to check and monitor the above. 
  6. Stakeholder engagement document???

Parked:

  • attribute release
  • metadata publication requirements

Does the SC agree? 

Nicole, Casper
11:50 - 11:55 | Membership applications | Casper

AOB | All

Future meetings, Summary and Actions
12:00 | Meeting Close

...

Open Actions: 2 actions remain open. OIDC Federation infoshare in the week of 16 June: Wednesday 18 June, around 13:30 - 15 CEST.

  •  Casper to send out an invite to eduGAIN

...

  • community.

Service Team Overview

Davide presented the official eduGAIN Roadmap for 2025 (see agenda for slides). This was created for the GN5-2 project deliverable.
Currently two sites for the core service have been implemented. Production: PSNC, duplicate at GARR and now an additional site is created at SUNET. Different strategies for back-end and front-end. One core back-end and two back-ups. Now one front-end, in the future multiple front-ends.
The team is working on tool upgrades and a migration to a new ticketing system is being prepared. 
The CSIRT team has a new member who has experience in security training. 

...

  1. Establish annual check of federation details using the same tooling as the security checks.  Introduce mandatory security contact for federations at this time.
    • This check would be done annually around November-December.
    • Initial focus is on collecting security contact. 
    • Is this too optimistic if the security contact requirement is announced in June? How flexible should this be?
    • The committee decided that the member federations can request a grace period.
    • Strong recommendation to use an organisational email address. Use SIRTFI as an example. 
    • Compliance can be enforced with Suspension Process. 
    • Where should the eduGAIN member's Security Policy be published? In the MRPS?
  2. Additional focus is on collecting security contact. 
  3. Consult with community on timeline to introduce individual entity filtering.
  4. Working group to "reverse engineer" eduGAIN SAML profile and define whether we need an umbrella for SAML and OIDC requirements. 
    • Creating a Trust Framework.
  5. Implement security, privacy and assurance requirements in SAML profile and roadmap for adoption. 
    • To some extent adopted in the roadmap already.
  6. Consider tooling requirements to check and monitor the above. 
    • To some extent adopted in the roadmap already.
  7. Stakeholder engagement document???

Parked for now:

  • attribute release
  • metadata publication requirements

...