Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

11:45 UTC

Arrival & "Can you hear me now?" (see  Connection Details)


12:00 UTC

Welcome, Introductions & Agenda Agreement

Terry Smith, AAF, Chair
12:10 UTC

Membership Updates and Joining

  • KRENA/Kyrgystan
  • Bangladesh/TIGERfed
Casper Dreef, Secretariat
12:15 UTC

Team Updates

  • Operations Team
  • Support Team
  • F-Ticks
Davide Vaghetti, IDEM, Service owner
12:30 UTC

Team updates: Security team

  • Working Group updates
Security Team
13:00 UTC

Re-imaging eduGAIN

Nicole Harris, GÉANT

13:25 UTC

Future SG meetings, Any other business, Summary and Actions


13:30 UTC

Meeting Close


...

Attendance

Federations in Attendance

...

  1. ...

Attendees (XX)

  1. ...

(24)

  1. Australian Access Federation (AAF) - Australia
  2. SWAMID - Sweden
  3. UK federation - United Kingdom
  4. LEAF - Moldova
  5. PIONIER.id - Poland
  6. RiçercaNET Identity Federation - Malta
  7. RCTSaai - Portugal
  8. GRNET - Greece
  9. WAYF - Denmark & Iceland
  10. IDEM - Italy
  11. SWITCHaai - Switzerland
  12. eduId.hu - Hungary
  13. eduID.cz - Czech Republic
  14. HAKA - Finland
  15. AAI@EduHR - Croatia
  16. Sifulan - Malaysia
  17. Fédération Éducation-Recherche (FER) - France
  18. RIF - Uganda
  19. Canadian Access Federation (CAF) - Canada
  20. SIR - Spain
  21. CAFe - Brazil
  22. InCommon - United States
  23. TAAT - Estonia
  24. safeID - Slovakia

Attendees (35)

  1. Terry Smith (AAF)
  2. Pål Axelsson (SWAMID)
  3. Alex Stuart (UK federation)
  4. Valentin Pocotilenco (LEAF)
  5. Casper Dreef (GÉANT)
  6. Tomasz Wolniewicz (PIONIER.id)
  7. Daniel Muscat (RiçerkaNET Identity Federation)
  8. Esmeralda Pires (RCTSaai)
  9. Zenon Moumoulas (GRNET)
  10. Mads Freek Petersen (WAYF)
  11. Davide Vaghetti (IDEM)
  12. Thomas Bärecke (SWITCHaai)
  13. Attila Laszlo (eduId.hu)
  14. Jiri Borik (eduID.cz)
  15. Lukas Hämmerle (SWITCHaai)
  16. Maja Gorecka-Wolniewicz (PIONIER.id)
  17. Jani Heikkinen (HAKA)
  18. Mirolav Milinovic (AAI@EduHR)
  19. Nicole Harris (GÉANT)
  20. Irfan
  21. Anass Chabli (Fédération Éducation-Recherche)
  22. Derrick Ssemanda (RIF)
  23. Chris Pillips (Canadian Access Federation)
  24. Aristos Anastasiou (CyNet Identity Federation)
  25. José Manuel Macías (SIR)
  26. Jean Carlo Faustino (CAFe)
  27. Ann West (InCommon)
  28. Licia Florio (GÉANT)
  29. Halil Adem (GRNET)
  30. Sten Aus (TAAT)
  31. Hellen Nakawungu (RIF)
  32. Mario Reale (GÉANT)
  33. Martin Stanislav (safeID)
  34. Nicole Roy (InCommon)
  35. Marina Adomeit

Apologies (xx)

  • Wolfgang Pempe (DFN-AAI)

...

Welcome, Introductions & Agenda Agreement

Open actions

The eduGAIN Secretariat has created a proposal that will be made available for consultation.  Casper will share this with the eduGAIN SG mailing list and seek further information and consultation on the proposal. Action remains open.

eduGAIN Secretariat to write a proposal for a yearly audit process for eduGAIN federation details: https://docs.google.com/document/d/1G691ohEBW27GlnBN55iO7DdqxOpoqsz2xJArijmn9QQ/edit?usp=sharing
Open for comments.

Membership Updates and Joining

KRENA/Kyrgystan update: 

The issues with the KRENA federation were resolved with help from the GÉANT Partner Relations team.  This shows the suspension process is working as intended. 

Bangladesh/TIGERfed update: 

We’ve had very little feedback from the community so do not feel that it is possible to move forward with voting at this stage.  All eduGAIN SG members are encouraged to review the documentation.  We’d appreciate feedback even if this is just a quick “documentation all looks good”.

We are expecting new applications from the following federations over the next few months:

  • Indonesia
  • Thailand
  • Nepal 
  • Taiwan

Team Updates

Operation team:

The certificate for the production metadata feed for eduGAIN will need updating.  A recommendation has been received from the community not to change the url based on this change.  The OT is happy to accept this proposal.

A key signing ceremony including pushing private key information to an HSM will be undertaken by the OT.  There is no perceived threat to service delivery as the process has been fully tested previously and the process  / technology works as the spec intends.

Question: will the fingerprint change?  Yes, the fingerprint of the certificate will be different.  The signature on the metadata will remain the same. 

Question: why is the OT using short-lived validation period for the certificate? 

Newly signed metadata will be made available on 29th March 2021 - we need to make sure the time this work is done is respectful of timezones.  We also need to make sure that new federations are fully aware of the process.  

Chris Phillips suggested also sending the information to the security contacts list. Tomasz W does not think there are any specific security implications for this process, however Chris felt this was still an operational change that might be valid for the security contacts to know. 

ACTION: OT to send an information email to the security contacts
ACTION: Secretariat to create a mailing list from the eduGAIN security contacts

Support team:
No notable updates - support tickets are very low.

F-ticks:

7 federations are now providing data for the f-ticks pilot and all is working as expected. Turkey was the most recent to join.  More federations participating would be very appreciated.  

The team talked to the GÉANT GDPR officer on advice around the use of this data and good reasons as to why this can / should be shared. 

AAF looking at a project to collect f-ticks within AAF.

Team updates Security team:

https://wiki.geant.org/display/eduGAIN/eduGAIN+Security+Working+Group+Charter+-+eSWG The eduGAIN Security Working Group has had several planning meetings and the information is available on the wiki.  One of the priorities at the moment is defining a base mandate for the team - which is standard practice for incident response teams (RFC2350). 

The eduGAIN Security Incident Response Handbook has been shared with the SG for comment but not feedback has been received.  Comments are welcomed at: Security Incident Response Handbook Feedback.

Re-imaging eduGAIN


Future SG Meetings, Any other business, Summary and Actions

...