Skip to Content.
Sympa Menu

ad-assurance - RE: [AD-Assurance] First Call: Action Items and Notes from 3/1

Subject: Meeting the InCommon Assurance profile criteria using Active Directory

List archive

RE: [AD-Assurance] First Call: Action Items and Notes from 3/1

Chronological Thread 
  • From: "Coleman, Erik C" <>
  • To: "" <>
  • Subject: RE: [AD-Assurance] First Call: Action Items and Notes from 3/1
  • Date: Fri, 1 Mar 2013 18:54:27 +0000
  • Accept-language: en-US
  • Authentication-results:; dkim=neutral (message not signed) header.i=none

Sorry I missed the roll call, I ran late but got on the call about 11:10.


Sent from my Windows Phone

Sent: ‎3/‎1/‎2013 12:45 PM
Subject: [AD-Assurance] First Call: Action Items and Notes from 3/1

AD Assurance: Notes from 3/1

Michael Brogan
Ron Thielen
Brian Arkills
Jeff Whitworth
Jeff Capehart
James Oulman
David Walker 
Lee Amenya
Mary Dunker
Eric Goodman
Mark Rank
Ann West

Next Call: March 8 at Noon ET 
Dial-in numbers:
+1-734-615-7474 PREFERRED

Action Items
  • Ann to contact Brian re: MS rep
  • Brian to send out background resources
  • David to send out information on FIPS and NIST-approved algorithms
  • Brian to send out AD components and thoughts about how they map to what's in scope for the profiles. 

Charge: Determine if there are alternative ways to deploy AD to ensure compliance with InCommon Bronze and Silver. If there are, develop an Alternate Means Proposal for the set of practices identified (which may be some form of the Cookbook) and submit to InCommon for review. If the risks addressed by the profiles cannot be mitigated adequately using AD, develop community and specification recommendations for next steps.

Timeframe: Progress Report Due April 21 in time for discussion in DC with FICAM. May require weekly calls for now until we have our next steps defined, then move to bi-weekly calls. 

Membership: Ann to contact Brian about inviting Dean Wells from Microsoft to join us on a few calls. 

Leadership: TBD

Resources: email list; Assurance Wiki; Other TBD.

Topic Parking Lot:
  • Investigate turning on FIPS mode in Windows Server implementations. The previous Cookbook WG did look at this, but worth reviewing again. Ron mentioned that turning this on doesn't affect how Windows manages the password store.
  • Multiple AM proposals? Might make more than one AM proposal, depending on the AD technologies addressed. First priority is AD Directory Service. 
  • Which AD products are in scope? AI – Brian will send out a short summary of the products and first stab at how they map against the IAAF scope. 
  • What uses case are in scope?
Food for thought for next call
  • Are we scoping to Silver or Bronze or both requirements?
  • Is the implementation scoped to entire campus pop or a subset?
  • What is our tolerance for including a third-party solution as a mitigating control for an area in which AD is deficient? 

Archive powered by MHonArc 2.6.16.

Top of Page