Meeting Date: 9th February 2022, 14:00 CET.

Attendees: Steve Glover, Casper Dreef, Nicole Harris, Terry Smith, Davide Vaghetti, Alex Stuart, Guy Halse, Kevin Hickey, Pal Axelsson, Meshna Koren, Alan Buxey, Maarten Kremers, Daniel Muscat, Dean Flanders

Agenda:

  1. Discuss Goal 1 of the Charter
  2. Review recommendation summaries from each meeting.

...

Recommendations (service model discussion)
Have a consistent approach to how federations are expected to publish metadata upstream and downstream
Improve positioning of Seamless Access in relation to eduGAIN
Review eduGAIN mission statement
Consider levels (max 3) that apply to all IdPs (Anon, Pseudon, Personalised) plus CoCo, Sirtfi, Assurance


Notes:

FO1: comments and additions
Davide: some of the potential improvements are linked. Violations & filtering and the decision making (governance structure).
Guy: +1. Not an agile governance model.
Meshna: Where lies the difficulty? Technical or policy?
Davide: The constitution doesn't allow us to filter entities on the eduGAIN level.
Nicole: The potential impact when taking an IdP down.
Alex: eduGAIN isn't required to publish everything from the upstream feeds.
Davide: Process driven.
Alan: Rules aren't clearly written. It is the FO responsibility to provide clean MD. First step: agreement between FO and eduGAIN to allow filtering.
Guy: Wide range of technical and support abilities. We could do this differently for different federations.
Nicole: Different service models for different types of federations.
Pal: FO still need to take/stay responsible for their MD. Be careful with wording.

Meshna: A need for an entity in Federation X to address changes with other federations?
Nicole: Testing security and technical

FO2:
Guy: eG obligation that ...
Alex: Scrap enforcing non-personal accounts
Daniel: Could cause GDPR issues
Terry: Self-service.
Alex: EntitiesDescriptor has an element. URI, URL and contact address.
Meshna: Self-service is great, but you need a central contact.
Pal: Yearly comms-check. Yearly compliance check.
Terry: Use a token fee?

FO3:
Pal: We have stuff to utilise. Handbook, WG, Sec Team.
Nicole: SIRTFI wasn't mentioned. Should this be considered?
Pal: Later on. Managed approach. Short term at federation level.
Meshna: The environment is not ready for SIRTFI yet. Make SIRTFI approachable for non-techs. Describe scenarios. Determine smallest minimum requirement in certain situations more helpful than mandating.
Guy: Unlink security contact from SIRTFI. Upping the bar over time.
Maarten: Here also FO1 comes into place. Governance model to get this done.
Terry: Using tiers rather than bars. Encourage to take the next step.
Davide: 1. currently over 30% SIRTFI entities, concentrated in limited number of federations. Agree with gradual progress
Pal: REFEDS is working on a new version, easier to understand. Adoption by key services is required. We need to talk about eduGAIN baseline level.

FO4:
Pal: We have a SAML profile, but may want to rework that.
Alex: Tune up the existing tools.
Pal: Should we have a propagation time limit?
Davide: SAML2int? Not a minimal requirement.
Alan: Point back to FO1

FO5:
Pal: To make eG work seamlessly this needs to be promoted, rather than enforced.
Davide: How to implement them in your federation? No agreement on this. eG may fill the gap here.

FO6:
Pal: actively track if federations are also implementing baseline.

Skip next meeting (23 Feb).