Attendees: Nicole, Miro, Roland, Rainer.
Current Status of FedLab
Work in the GN4 JRA is mostly focused on testing tools. No big demand for the monitoring area work (already well covered?) Roland has done a lot of work on the OIDC piece and is now refactoring FedLab within the JRA so there is a common framework for OIDC, SAML, UMA.
Internet2 wants to move work forward in this area pretty quickly. Roland has convinced them to not do anything by themselves but help them construct proper tests for the various areas. Nick Roy has put together a document on what an IdP should be able to do (this goes a long way beyond current standards, SAML2Int) including release policies etc. There is also a Working Group within InCommon talking to various vendors on this that might be useful to feed into Kantara work.
NH asked if things were moving forward OK at Kantara relating to SAML2Int as it has been quite quiet. The Harmonisation task should try and push things forward and work with the Kantara people on this area.
A proposal to do more work on FedLab has been put in to the Vietsch Foundation but no response has been received as yet.
Current Status of Monitoring / Metering Tools
Miro’s team will be on the monitoring side of things. It makes sense to keep this separate from FedLab. Miro made a helpful comparison to the eduroam services (CAT is somewhat similar to FedLab, then there is monitoring and metering separately). The CoCo testing tool needs to be moved forward and we need to pull together all the monitoring together. Metering – f-ticks for idp, sp traffic (generic).
Miro asked if we could use FedLab as a signal of quality? Checked via FedLab? FedLab is not a certification tool in the current setup – could be tough to achieve.
What does it mean to be edugain ready? What is the edugain profile? Is this just SAML2Int or is there something else? We need to have more documentation on this.
We need to set up a separate call on monitoring work, including the edugain core team and Lukas.
Service model and Instances
Nicole asked for opinions on the future service structure of FedLab and how many instances we may need to fill the requirements. This has become a fairly ambitious project with partners in GN4, REFEDS, Kantara and InCommon. This is obviously better than reinventing the wheel but is a challenge to manage.
Roland described Fedlab as the place to go to when you want the software packages and the documentation. This is the reference point. We then need to ask if we want to have multiple instances for different user environments and what the benefits of this would be.
In favour of multiple instances: easier to customise to community needs and makes it easier to brand and manage demands of funding streams – no central overhead.
In favour of one instance: building community and knowledge. As people use the repository they are contributing back to what a good test looks like. The more tests, the more we know about what a good test looks like.
We need to think about sustainability, particularly if we want to keep a central model. Areas to think about are:
- Development: test tools, software
- Maintenance: test tools, software
- hosting
- expert support: who do you talk to when you get errors? How can we link that in? (Enabling Users?)
To Dos:
- Nicole and Rainer to talk to Kantara Federation Interoperability Working Group about next steps with SAML2Int.
- Nicole’s task to look at what an eduGAIN profile might look like in the context of FedLab.
- Look at the future service model options for FedLab with Nicole’s task and best structure for it.
- Nicole and Miro to arrange separate call / discussions on the monitoring area.
- Miro and Leif to circulate latest thoughts on SAML F-ticks.