Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

11:45 UTC

Arrival & "Can you hear me now?" (see  Connection Details 241271133)


12:00 UTC

Welcome, Introductions & Agenda Agreement

Terry Smith, AAF, Chair
12:10 UTC

Membership Updates and Joining

  • KRENA/Kyrgystan
  • Bangladesh/TIGERfed
Casper Dreef, Secretariat
12:15 UTC

Team Updates

  • Operations Team
  • Support Team
  • F-Ticks
Davide Vaghetti, IDEM, Service owner
12:30 UTC

Team updates: Security team

  • Working Group updates
Security Team
13:00 UTC

Re-imaging eduGAIN

Nicole Harris, GÉANT

13:25 UTC

Future SG meetings, Any other business, Summary and Actions


13:30 UTC

Meeting Close


...

Chris Phillips suggested also sending the information to the security contacts list. Tomasz W does not think there are any specific security implications for this process, however Chris felt this was still an operational change that might be valid for the security contacts to know. ACTION:

  •  OT to send an information email to the security contacts

...

  •  Secretariat to create a mailing list from the eduGAIN security contacts

Support team:
No notable updates - support tickets are very low.

...

The eduGAIN Security Incident Response Handbook has been shared with the SG for comment but not feedback has been received.  Comments are welcomed at: Security Incident Response Handbook Feedback.

Re-imaging eduGAIN

Nicole Harris presented initial thoughts on a new eduGAIN model (for slides, see agenda). The biggest change would not require a change of the technical infrastructure, but would rather be how eduGAIN is being used by creating different types of categories and ask both IdPs and SPs to support these categories. Broadly speaking eduGAIN would support three category types: a type around Anonymous/Pseudonymous access, Affiliation Access and R&S Access.
It was recognised this will inquire a massive amount of work. But once a new model is in place it will be much easier for federation operators to provide support for their entities.

Terry Smith (AAF) and Ann West (InCommon) would welcome a new approach that could create consistency and creating some order would be very valuable for the federation operators. 

Chris Phillips (CAF) noted that in these initial thoughts the multi-protocol support with OIDC is missing. Nicole pointed to the results of the REFEDS survey and said for many federation operations the demand for supporting OIDC is rapidly declining. Davide Vaghetti noticed that a solution to this could be in the use of proxy technologies.

Tomasz Wolniewicz (PIONEER.Id) asked if there is a threat to the accessibility and usage of the service for the entities and also how these proposed changes would be communicated with the entities. Nicole replied that the message will be clearer than it is today. For SPs there will be the benefit of getting the information from eduGAIN on what they should support instead of figuring that out themselves. Providing detailed information to entities would also make it easier to adopt the changes.

Implementing such changes would require a new membership agreement and updated policies. 

Future SG Meetings, Any other business, Summary and Actions

Any Other Business: 

CoCov2: best practice guidelines. Still GDPR compliant, only not formally ratified.

Future SG meetings 2021:

23 March 12:00 UTC
15 June 07:00 UTC
14 September 16:30 UTC
14 December 12:00 UTC

...