Skip to Content.
Sympa Menu

assurance - [Assurance] RE: InCommon Silver with Active Directory call 10/26 10:00 a.m. central time

Subject: Assurance

List archive

[Assurance] RE: InCommon Silver with Active Directory call 10/26 10:00 a.m. central time


Chronological Thread 
  • From: "Roy, Nicholas S" <>
  • To: "" <>
  • Subject: [Assurance] RE: InCommon Silver with Active Directory call 10/26 10:00 a.m. central time
  • Date: Wed, 26 Oct 2011 13:27:07 +0000
  • Accept-language: en-US

FYI, the minutes from our last meeting:
https://spaces.internet2.edu/display/cicincsilver/September+7th%2C+2011+InC+Silver+with+AD+Conference+Call

The draft AD/Silver cookbook:
https://spaces.internet2.edu/display/cicincsilver/InCommon+Silver+with+Active+Directory+Cookbook+-+DRAFT

IAP document v1.1:
http://www.incommon.org/docs/assurance/IAP_V1.1.pdf

Best,

Nick

-----Original Message-----
From:


[mailto:]
On Behalf Of Roy, Nicholas S
Sent: Monday, October 24, 2011 9:13 AM
To:

Subject: [Assurance] InCommon Silver with Active Directory call 10/26 10:00
a.m. central time

We have an InCommon Silver with Active Directory call scheduled for this
Wednesday, October 26th, from 10-11 a.m. central time.

Here's the agenda:

1)      Quick intro to the project for new participants
2)      Review changes to cookbook since last meeting
3)      Items for discussion
a.       Does 4.2.4.4 suggest an AD lifecycle of the following?
Revocation event -> AD user is disabled -> 180 days passes -> AD user may be
deleted (if desired) or is some other records retention process sufficient?
b.      Is ADFS outside the scope of this document? How about Shibboleth
pointed at AD? If they aren't outside the scope, then we probably need to add
some content specific to them.
c.       Might be some Windows specific stuff on 4.2.5.6: Mitigate risk
of sharing credentials
d.      4.2.4.1: Credential Issuance implies that the AD user
provisioning process follows some processes--i.e. doesn't have folks who can
create user accounts that don't follow the process. Do we need to say
anything explicitly about that?
e.      AD-relevant ways to handle 4.2.4.2: Credential revocation and
expiration
4)      Next steps
a.       Help from others- people willing to contribute?
b.      Timeline for completion
c.       Getting the word out - ideas?

Conference bridge information for this call:

+1-734-615-7474 (Please use if you do not pay for Long Distance)
+1-866-411-0013 (toll free US/Canada Only)
 
Access Code: 0113279#

I look forward to hearing from you all -

Thanks,

Nick
------------
Nicholas Roy - Identity Architect
The University of Iowa / ITS - Administrative Information Systems / Directory
and Authentication




Archive powered by MHonArc 2.6.16.

Top of Page