Interfederation

[Jim Basney <>]

Hi again,

My notes from today's call are below.

For next Tuesday's call I propose the following agenda:

* Interfed with India: news from ScottK's trip
* Update on SteveC's test deployment of MDA code at Brown
* How best to use our 15 minute timeslot during the
  TAC Community Update webinar at noon ET on Fri Feb 22
* More brainstorming on interfed apps to drive our work

Wiki link: https://spaces.internet2.edu/display/incinterfed

-Jim

-----

attending: JimB, MarkS, IanY, PaulC, ScottC, TomS, SteveC, JohnK
eduGain policy committee meeting next week.
  expect to sign off on code of conduct and metadata profile.
  then send to technical group for review.
  JohnK and JimB are observers on technical group.
  challenge of a small group producing these documents.
Quilt/InCommon workshop outcomes
  http://www.thequilt.net/index.php/events/246-2013-quilt-incommon
  MarkS, PaulC, JohnK, and JimB were there.
  looking at how to provide fed to k-12 w/ participation by regionals.
  broaden focus to include community colleges.
  workshop attendees felt community colleges were low-hanging fruit.
  some regionals don't have k-12 in scope. others do. a mix.
  conclusion: 3 working groups created
    admin group: looking at administrative responsibilities shared
      between regionals, state systems, and InCommon
      also looking at membership status, business/cost models
    technical group: testing configurations, looking for pilots
      gateway / proxy IdPs (like social2SAML, Denmark / WAYF model)
      metadata aggregation (eduGain model)
    pilot group: work out pilot requirements
      announcing call for pilot proposals at I2 member meeting in Spring
      try to capture diversity in pilots to evaluate different models
  discussed bundle of services for pilot projects
  diverse interests / requirements
  U Alaska an example of state system.
  strong interest by Illinois pilot project (Bernie @ NCSA)
    common core state standards / online assessments
    ISLE project
  already identifier for primary ed in UK?
    had several attempts.
    current attempt supposed to reach through post-grad.
    not being used by SAML federation work?
    mainly instead using affiliation for SAML work.
    not exposing individual IDs. privacy concerns.
  better to leverage existing state-wide student identifier efforts
discussion of gateways
  TERENA gateway example
  concerns about delegating policy control / trust
  Google doesn't care what you do with data / We have FERPA.
  IdP versus SP gateways.
  SPs outnumber IdPs? does k-12 flip this?
  in UK more regional IdPs than IdP gateways
    bulk aggregated rather than actively interrogated
    10k scopes in k-12 sector through a handful of aggregate IdPs
    IdPs outnumbering SPs
    IdPs run by regional broadband consortia
    in close arrangement with SP suppliers (learning environments)
InCommon/University interfed
  17 IdPs in UTsystem. 15 campuses + system office + finances.
  UTsystem metadata pre-dated joining InCommon.
  federation manager tool works on pub/sub basis.
  whitelist specific entities in InCommon metadata to publish in
    UTsystem metadata.
  handful of metadata profiles.
  all UTsystem members are InCommon members.
  getting updates into InCommon metadata is manual. only Paul.
  potential improvement: automated publishing of UT metadata aggregate
    as input to InCommon metadata
  would need to figure out how UT metadata aggregate would be
    extension of trust in how site administrator gains access to
    InCommon system (second factor for metadata administration)
  starting step: Paul logs in to InCommon and gives metadata URL
    register certificate that signed it.
    related to XML submission.
    dynamic referral - InCommon delegates lookups to UT
    look at DNSsec for comparison.
  what are the technical obstacles we should focus on?
SteveC hoping to see progress on metadata distribution.
  Steve has a copy of Ian's MDA code at Brown.
  1st goal: publish merged InCommon+UK metadata file.
intention is for Shibboleth aggregator to include web service for
  metadata query protocol
interest in Project Mario - Let's get more info from Leif Johansson
something we can do with per-entity metadata?
  Scott will be proposing a separate subgroup for this.
if we add requirements for fancy technical solutions for metadata
  distribution, that takes pressure off of policy folks.
  focus on simple implementation for the work of our group.
TAC community update next week will cover work of this group.
Mark will check on status of UNC federation - Steven Hopper.