Minutes from the VC. Written by Andreas.
I have contacted individual institutions about putting participant names on different tasks. I’ll publish a new updated work plan including names on all tasks. Comments on content of work plan requested. Is anything unclear? Do people have a feeling of what we want to do in all the work items?
Updated information on wiki
I’ve included links to the different documents.
- Metadata aggregation testing
- Simple Metadata Aggregation
- Lukas added info on signing metadata and configuring Shibboleth
- Virtual Organizations
Wrote a document about virtual organizations.
Split it in two parts:
- The Information Model
- The Data Access Protocols
Collecting use cases and including them in the document.
Ongoing discussion on the data access protocols. Andreas will post some questions about the SAML2 + affiliation approach.
Discussion on the re-use of existing tools like COmanage and Grouper. SURFnet has experience with this. They will post some experiences to the mailing list, including links to a document. SURFnet also had a presentation at TF-EMC2 in Loughborough earlier this year.
Maybe an idea is to separate the web-interface from the group user storage? Then to standardize on using the LDAP protocol for storing group information. Then NRENs may use different tools for managing groups. Milan will post to the list some information about how groups can be represented in a directory.
UNINETT + RedIRIS will make sure there is proper support in simpleSAMLphp for the AssertionProfile to function as an Attribute Authority. Will be ready in a couple of weeks.
Metadata aggregation testing
Current included participants:
Andreas sent to the list information about how to exclude entities from your own federation.
Discussion on whether or not it is necessary for a federation to re-distribute confederation metadata to entities or if entities may retrieve metadata from central aggregator directly.
Seems to work fine, Lukas managed to login to Feide attribute viewer.
Andreas sent link to two documents: one specification on the metadata architecture and one with testing notes from JRA3 (including links, certificates etc).
OpenID summary document. Any volunteers to write a table of contents to initiate the document process? Torsten, Licia, RedIRIS?
- Candido from RedIRIS.
- Any others?
No immediate volunteers to start writing… Diego will ask Candido.
Have made several updates to the profile. Feedback from Scott Cantor and SWITCH. May go to Kantara and OASIS. Several federations already support the profile.
Attribute harmonization: Any volunteers to start working on attribute harmonization? What should we do? Make an overview of all existing federations on common attributes like identifiers and name of person and organization.
Feedback that attribute harmonization may be out of scope for a research activity, like JRA3. Will investigate. Maybe we may rephrase the goal of the attribute harmonization document, in such a way that it will become more research-oriented. If we do not do this work, then SA3 should, because this work is crucial to make confederation work.
Single Logout. NIIF is looking into it, considering providing SLO for their federation.
Can we create a specification list of bullet points of tests that we would like to perform on respectively:
- Metadata documents
Can people test Feide OpenIdP? The self-register module is a beginning to what can be a federation lab in the future. Andreas will post more information on the list.
Andreas away for three-week vacation from next week.
Foodle sent out for deciding next VC.