eduGAIN Steering Group Meeting

Tuesday 13th October 2015 - 15:00 - 16:30 CEST (in your timezone)

Please Note that the date has CHANGE since the original announcement.

14:45Arrival & "Can you hear me now?" via https://connect.sunet.se/edugain
15:00Welcome, Introductions & Agenda Agreement
15:15

Summary of Current Status

See http://edugain.org/technical/status.php

  • 35 Participating Members
  • Members that aren't participating (7)
    • Argentina - MATE
    • Armenia - AFIRE
    • Australia - AAF
    • Beralus - FEBAS
    • Moldova - LEAF
    • New Zealand - Tuakiri Identity Federation
    • Turkey - YETKIİM
15:30

New member questions, candidates and policy status

Candidates (4) with Policy & MRPS available.

  • Italy - Grid Identity Pool (GrIdP)
  • Macedonia - AAIEduMk
  • Oman - Knowledge ID
  • Slovakia - safeID

Candidates (5) with Declaration signed.

  • India - INFED
  • Montenegro - eduID
  • Russia - ФEDUrus AAI
  • Serbia - iAMRES
  • South Africa - SAFIRE

Known Federation Initiatives (7) - for a complete list see https://refeds.org/federations

  • China - CARSI
  • Korea - KAFE
  • Malaysia - MyIFAM
  • Mexico - FENIX
  • Morocco - eduIDM
  • Peru - INCA
  • Uruguay - RAUid

It is hoped that the situation regarding the above federations can be cleared up prion to the meeting so that it is know whether we are voting on their membership or providing additional feedback to the federation operators on their process.

Voting/objecting to progressing federations to membership status.

15:45

Harmonisation and Progressing Identity Federations - Nicole Harris

  • Work from the Trust and Identity Harmonisation Task on Best Practice.  This includes 4 areas of work: entity categories, technology-agnostic policy, Metadata Registration Practice Statement and policy template review. 
16:25

Any other Business

  • For notice: Due to the recent invalidation of the Safe Harbour arrangement, references to the Safe Harbour as a legitimate grounds for an attribute release from EU/EEA to the US have been removed from the GEANT Data protection Code of Conduct. New Entity Category specification: pdf
16:30

Summary, Actions and Close (or we're running over time).

Attendance: Nick Roy & Ann West (InCommon), Olivier Salaün (FÉR), Temur Maisuradze (GIF), Wolfgang Pempe (DFN-aai), Nicole Harris & Brook Schofield (GÉANT), Peter Schober (ACOnet), Rhys Smith (UK Federation), Lukas Hämmerle (SWITCHaai), Kristof Bajnok (eduID.hu), José-Manuel (SIR), Matus Banas & Glenn Wearen (Edugate), Lalla Mantovani (IDEM), Chris Phillips (CAF), Tomasz Wolniewicz (PIONIER.Id), Terry Smith (AAF), Valentin Pocotilenco (LEAF), Alejandro Lara (COFRe), Mikael Linden (eduGAIN Policy).

Federations Represented: 16 (AAF, ACOnet, CAF, COFRe, DFN-aai, Edugate, eduID.hu, FÉR, GIF, IDEM, InCommon, LEAF, PIONIER.id, SIR, SWITCHaai, UK Federation).

Apologies: Miroslav Milinovic (AAI@EduHr), Ian Young (UK Federation), Jean-Francois Guezou (FÉR).

Guest Participants: Nicole Harris (GN4/SA5/T1 - Trust and Identity Task Leader), Mikael Linden (eduGAIN Policy).

Regarding Current Members:

  • InCommon will be changing its model from "opt-in" to "opt-out" and hopes to inject some 400 IdP entities into the eduGAIN feed.
  • Memory bloat due to processing excessive metadata feeds has affected some entities - even some in federations with large feeds for domestic use.

Regarding New Members:

The following federations submitted requests to join eduGAIN and completed all their documentary evidence to the OT on the dates specified.

  • Slovakia/SANET/safeID - Wed, 24 June 2015 (Canada/CAF had comments)
  • Macedonia/AAIEduMK - Fri  3 July 2015 (Denmark/WAYF had comments)
  • Int./GrIdP - Tue 11 August 2015 (Hungary/eduID.hu had comments)
  • Oman/Oman KID - Fri 11 September 2015 (Ireland/Edugate had comments)

There has been feedback from the following listed federations. These applicants have not responded to the queries of these federations with sufficient information to support their application proceeding to a vote.

NB: There will be NO decision taken to include these federations until they respond to the comments by those that have reviewed the documentation.

ACTION20151013-01: Establishment of clear elegibility requirements beyond the Joining Checklist.

One issue raised was the publishing of @scope information within metadata that clashed with an existing federations published scope values.
ACTION20151013-02: Investigation by the eduGAIN OT on the duplication of @scope in metadata via a monitoring standpoint and a recommendation of what to do about this.

Regarding Candidates:

The candidates have not provided the necessary documentary evidence to the OT to proceed to an assessment by their peers. These applications will be contacted to remind them of their responsibilities.

India - INFED

  • Montenegro - eduID
  • Russia - ФEDUrus AAI
  • Serbia - iAMRES
  • South Africa - SAFIRE

Harmonisation:
Nicole presented on the work from the Trust and Identity Harmonisation Task on Best Practice: https://wiki.geant.org/display/gn41sa5/1.3+Federation+Operator+Best+Practice.  This includes 4 areas of work: entity categories, technology-agnostic policy, Metadata Registration Practice Statement and policy template review.  Main area for eduGAIN: https://wiki.geant.org/display/gn41sa5/Recommendations+for+Technology+Agnostic+eduGAIN.  Please look at these documents and make comments on them. The goal of the previous updated to eduGAIN Policy Framework was to make the Constitution technology agnostic. Brook admited that we failed to achieve this and that has impacted the use of eduGAIN as an interfederation service for additional technology platform (most notably Moonshot Technology and OpenID Connect).

The commonly held view was that eduGAIN should strive to be technology agnostic. This is independent of whether it should become the vehicle for a Moonshot Technology based interfederation environment. The OpenID Connect should also be solicited to provide feedback to ensure the terminology used in a future update is accepteble to this technology.

Work should be undertaken as soon as possible on this technology agnostic front and Policy Framework revision as the lead time is very long.

Any Other Business:
AOB#1

Mikael Linden provided information regarding the recent invalidation of the Safe Harbour arrangement. As a result references to the Safe Harbour as legitimate grounds for an attribute release from EU/EEA to the US have been removed from the GÉANT Data protection Code of Conduct Entity Entity Category specification.
AOB#2
Based on this thread https://mail.geant.net/mailman/private/edugain-tsg/2015-June/000344.html some terms from the Steering Group have expired. In summary:

  1. UK/UK Federation - Ian Young & John Chapman
  2. Ireland/Edugate - Glenn Wearen
  3. USA/InCommon - Jim Basney & John Krienke
  4. eduGAIN
    1. Brook Schofield (Task Leader)
    2. Nadia Sluer (Project Management Assistant)
    3. Mikael Linden (eduGAIN Policy)

Tomasz Wolniewicz (eduGAIN Operations)

The "observer" positions of #1, #2 and #3 above have since been superseeded by those federation becoming members of eduGAIN and having a confirmed delegate/deputy. Discussion supported the following positions as ex-officio to the steering group:

  • eduGAIN Operational Team Leader (Tomasz W.)
  • eduGAIN Policy (Mikael Linden)
  • Harmonisation (Nicole Harris)
  • eduGAIN Product Manager (Brook Schofield)
  • GÉANT Trust & Identity Activity Leader (Ann Harding)

The relevant mailing lists will be updated as a result.

ACTION20151013-03: Update membership of the eduGAIN SG mailing list.

The meeting was concluded at 16:35.

Previous meeting: 30th April 2015

Action Summary:

ACTION20151013-01: Establishment of clear elegibility requirements beyond the Joining Checklist.
ACTION20151013-02: Investigation by the eduGAIN OT on the duplication of @scope in metadata via a monitoring standpoint and a recommendation of what to do about this.
ACTION20151013-03: Update membership of the eduGAIN SG mailing list.

  • No labels