Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Attendance

Federations in Attendance (

...

21)

  1. SWITCHaai
  2. FÉR

Attendees (xx)

  1. Brook Schofield, GÉANT
  2. Casper Dreef, GÉANT
  3. Nicole Harris, GÉANT
  4. Thomas Lenggenhager, SWITCH
  5. Terry Smith, AAF
  6. Chris Phillips, CANARIE
  7. Arnout Terpstra, SURFconext
  8. Maja, P
  9. Zenon Mousmoulas, GRNET
  10. Sten Aus, EENet / TAAT (Estonia)
  11. Sven Hüsson, EENet / TAAT (Estonia)
  12. Alex
  13. Anass Chabli, FÉR
  14. Jonathan Cheng, HKAF
  15. Nicholas Mbonimpa
  16. Pål Axelsson, SWAMID
  17. Pascal P, Belnet
  18. Saeed Khademi, IRFed
  19. ...
  20. Gerrit Bahlman, APAN Chair
  21. Erik K., NORDUnet
  22. Toby Chan, HKAF
  23. William Wan, CARSI
  24. xxx, Bangladesh
  25. Peter Kopac, safeID
  26. Justin Knight, Jisc
  27. Guy Halse, SAFIRE (with Donald Coetzee)
  28. Davide Vaghetti, GARR

Apologies (x)

  • Wolfgang Pempe, DFN
  • Peter Schober, ACOnet
  • ...

Notes

Current status - New members and candidates: See https://technical.edugain.org/status and work on progressing new members is underway.

Privacy and Member Contacts

    • Technical website email addresses.
    • Mailing list membership visibility.

Nicole highlighted the eduGAIN GDPR Impact Assessment and there will be a follow-up blog post summarising this advice. This is not a document for consultation/feedback - it is advice from the GÉANT project to the community.

Three options for the technical website:

  1. Default name + email address listed (current situtation).
  2. Default name with hidden email address.
  3. Neither name nor email address.

It was decided that  the best approach would be to ask eduGAIN-SG delegates and deputies to give consent to their information being published and told that not having this information public is an option. 

  •  ACTION20180327-01Nicole Harris to ask all the SG delegates and deputies to opt-in to having their data published on the eduGAIN website, and make them aware that email can be hidden.

Mailing list subscription.

At the moment the eduGAIN-SG mailing list is set to the default that subscriber information is not visible to other subscribers.  It is proposed that SG members have a legitimate interest in seeing this information (particularly if details may not be shown on the public webpage) so this should be changed to being visible to subscribers. 

  •  ACTION20180327-02Brook Schofield to propose a change in the mailing list settings to allow subscribers of the eduGAIN-SG to see other subscribers and give them a window to object. 

Candidate, Member and Participant Requirements

SG members were asked to review federations that have a) been in the candidate

This comes with a caveat that there isn’t yet a decision by the eduGAIN SG on how to proceed.

Thomas Lenggenhager suggested that a period of 18 months of lack of activity for candidate federations would be a good starting point for reviewing candidate federations.  There would need to be a clear definition of what constituted a lack of activity.   Brook suggested that candidates should have produced a policy and a MRPS within this period of time.

Thomas W queried whether there was any real problem with candidates not having shown activity and it might force candidates to invent policies that were not suitable simply to show progress. 

A simple measure of progress might be that the federation is still responding to email and that this would be sufficient. 

  •  ACTION20180327-03Brook Schofield to propose email response as a simple bar for measuring responsiveness of candidate federations.

For existing participants, there is no check currently in place to ensure that the requirements that existed at the point of joining are still fully in place.  Nicole proposed that this information should be re-validated once every 12 months and if requirements are not being met, then federations may be asked to restart the membership process. 

  •  ACTION20180327-04: eduGAIN-OT to implement a yearly check of basic requirements for member federations.  If requirements are not being met by any member federation, these issues will be brought to the next eduGAIN-SG for review. 

Chris asked if policies should be reviewed by the eduGAIN-SG if they have changed.  It was suggested that it would be good practice for federations to self declare on the eduGAIN-SG if they change their policy or MRPS and invite members to comment.  Changes revealed during the yearly check should also be communicated to the SG list. 

Long term candidacy

...

Serbia - iAMRES

...

Members not actively contributing metadata

...

Following REFEDS best practices

Participating Member Nits 

...

Participating Member Problems

...

MRPS compulsory or not?

...

  1. AAF
  2. CAF
  3. SURFconext
  4. PIONIER.Id
  5. GRNET
  6. TAAT
  7. RIF
  8. HKAF
  9. SWAMID
  10. Belnet-AAI
  11. IRFed
  12. KAFE
  13. Tuakiri
  14. SAFIRE
  15. LEAF
  16. IDEM
  17. IIF
  18. UK Federation
  19. SGAF
  20. CARSI*
  21. safeID*

*Not a member.

Attendees (36)

  1. Brook Schofield, GÉANT
  2. Casper Dreef, GÉANT
  3. Nicole Harris, GÉANT
  4. Thomas Lenggenhager, SWITCH
  5. Terry Smith, AAF
  6. Chris Phillips, CANARIE
  7. Arnout Terpstra, SURFconext
  8. Maja Gorecka-Wolniewicz, PIONIER.Id
  9. Tomasz Wolniewicz, PIONIER.Id
  10. Zenon Mousmoulas, GRNET
  11. Sten Aus, EENet / TAAT (Estonia)
  12. Sven Hüsson, EENet / TAAT (Estonia)
  13. Alex Mwotil, Uganda/RIF
  14. Anass Chabli, FÉR
  15. Jonathan Cheng, HKAF
  16. Nicholas Mbonimpa, Uganda/RIF
  17. Pål Axelsson, SWAMID
  18. Pascal Panneels, Belnet
  19. Saeed Khademi, IRFed
  20. Lukas Hämmerle, SWITCHaai
  21. Jang Minseok, Korea
  22. Sat Mandri, NZ/Tuakiri
  23. Vladimir Mencl, NZ/Tuakiri
  24. Guy Halse, SAFIRE (with Donald Coetzee)
  25. Valentin Pocotilenco, LEAF
  26. Davide Vaghetti, GARR
  27. Zivan Yoash, IIF
  28. Toby Chan, HKAF
  29. Simon Green, SGAF
  30. Justin Knight, Jisc
  31. Gerrit Bahlman, APAN Chair
  32. Erik K., NORDUnet
  33. William Wan, CARSI
  34. Md. Mahedi Hasan, Bangladesh/BdREN
  35. Peter Kopac, safeID
  36. Sharon Pingi, Uni PNG

Apologies (11)

  1. Wolfgang Pempe, DFN
  2. Peter Schober, ACOnet
  3. Nick Roy, InCommon
  4. Ann West, InCommon
  5. Barbara Monticini, Italy/IDEM
  6. Jean Carlo Faustino, Brazil/CAFe
  7. Alejandro Lara, Chile/COFRe
  8. Jiri Borik, eduID.cz
  9. Andria Dionysiou, Cyprus/CIF
  10. Fernand De Decker, Belnet
  11. Jaime Pérez Crespo, FEIDE

Notes

Welcome, Introductions & Agenda Agreement

The Chair welcomed everyone to the 2nd meeting of 2018. The open action item is addressed in the agenda.

Membership issues are to be discussed extensively at this meeting.

For details on new members and candidates see https://technical.edugain.org/status and work on progressing CAFMoz, RUNNET-AAI and safeID is underway.

Privacy and Member Contacts

Nicole highlighted the eduGAIN GDPR Impact Assessment and there will be a follow-up blog post summarising this advice. This is not a document for consultation/feedback - it is advice from the GÉANT project to the community.

Three options for the technical website:

  1. Default name + email address listed (current situtation).
  2. Default name with hidden email address.
  3. Neither name nor email address.

It was decided that the best approach would be to ask eduGAIN-SG delegates and deputies to give consent to their information being published and told that not having this information public is an option. 

  •  ACTION20180327-01Nicole Harris to ask all the SG delegates and deputies to opt-in to having their data published on the eduGAIN website, and make them aware that email can be hidden.

At the moment the eduGAIN-SG mailing list is set to the default that subscriber information is not visible to other subscribers.  It is proposed that SG members have a legitimate interest in seeing this information (particularly if details may not be shown on the public webpage) so this should be changed to being visible to subscribers. 

  •  ACTION20180327-02Brook Schofield to propose a change in the mailing list settings to allow subscribers of the eduGAIN-SG to see other subscribers and give them a window to object. 

Candidate, Member and Participant Requirements

SG members were asked to review federations that have:

  1. been in candidate federation status for a long time and
  2. been voting only members  / non participants for a long time and
  3. make proposals as to how to proceed.

Thomas Lenggenhager suggested that a period of 18 months of lack of activity for candidate federations would be a good starting point for reviewing candidate federations. There would need to be a clear definition of what constituted a lack of activity. Brook suggested that candidates should have produced a policy and a MRPS within this period of time.

Thomas W queried whether there was any real problem with candidates not having shown activity and it might force candidates to invent policies that were not suitable simply to show progress.

A simple measure of progress might be that the federation is still responding to email and that this would be sufficient. 

  •  ACTION20180327-03Brook Schofield to propose email response as a simple bar for measuring responsiveness of candidate federations.

For existing participants, there is no check currently in place to ensure that the requirements that existed at the point of joining are still fully in place.  Nicole proposed that this information should be re-validated once every 12 months and if requirements are not being met, then federations may be asked to restart the membership process. 

  •  ACTION20180327-04: eduGAIN-OT to implement a yearly check of basic requirements for member federations.  If requirements are not being met by any member federation, these issues will be brought to the next eduGAIN-SG for review. 

Chris asked if policies should be reviewed by the eduGAIN-SG if they have changed.  It was suggested that it would be good practice for federations to self declare on the eduGAIN-SG if they change their policy or MRPS and invite members to comment.  Changes revealed during the yearly check should also be communicated to the SG list. 

Long term candidacy

FederationDate of ApplicationStatusDecision
Albania - RASH2018-01-18Recent applicant. No Policy/MRPS.New simple bar for participation (responding to email) will be applied.
China - CSTCloudFederation2017-11-10Recent applicant. Ready for assessment.New simple bar for participation (responding to email) will be applied.
China - CARSI2017-08-01Declaration only. No Policy/MRPS.New simple bar for participation (responding to email) will be applied.
Lebanon - LIFE2017-08-07MRPS required prior to assessmentNew simple bar for participation (responding to email) will be applied.
Malawi - MAREN2016-06-08Declaration only. No Policy/MRPS.New simple bar for participation (responding to email) will be applied.
Malaysia - SIFULAN2018-01-22Recent applicant. Ready for assessment.New simple bar for participation (responding to email) will be applied.
Mexico - FENIX2017-10-25Declaration only. No Policy/MRPS.New simple bar for participation (responding to email) will be applied.
Montenegro - eduID2015-06-16Policy under development.New simple bar for participation (responding to email) will be applied.
Mozambique - CAFMoz2016-10-13Joining process underway. Response to feedback required.New simple bar for participation (responding to email) will be applied.
Russia - RUNNET AAI2018-01-26Joining process underway. Responding to feedback.New simple bar for participation (responding to email) will be applied.
Russia - фEDUrus2013-07-03Declaration only. No Policy/MRPS.New simple bar for participation (responding to email) will be applied.

Serbia - iAMRES

2015-04-01Declaration only. No Policy/MRPS.New simple bar for participation (responding to email) will be applied.
Slovakia - safeID2015-06-16Recent activity. New SG deputy and work on Policy.New simple bar for participation (responding to email) will be applied.

Members not actively contributing metadata

FederationApplication DateJoining DateStatusDecision
Bulgaria - BIF2017-03-152017-10-27Operational Federation not Supplying MetadataIt was agreed that there are no issues with Bulgaria's participation.
Cyprus - CyNet Identity Federation2017-05-182017-08-15Federation Production supported by GRNETNo decision was made here.
Italy - Grid Identity Pool2013-07-032016-08-11Operational Federation not Supplying MetadataIt was agreed that there are no issues with GridIdP's participation.
New Zealand - Tuakiri New Zealand Access Federation2013-11-262013-11-26Operational Federation not Supplying MetadataIt was agreed that there are no issues with NZ's participation.
Turkey - YETKİM2013-11-062013-11-26No Policy, No MRPS, No MetadataTurkey was flagged as not meeting the current requirements for membership.  This will be followed up with YETKIM.

Following REFEDS best practices

Participating Member Nits 

FederationIssueStatusDecision
Argentina/MATENo creationInstant availableSupport/Chair to make contact with the federation on this issue.No decision was made here.
Finland/HAKANo creationInstant availableSupport/Chair to make contact with the federation on this issue.No decision was made here.
Greece/GRNET-AAISG deputy missingSupport/Chair to make contact with the federation on this issue.No decision was made here.
Ireland/EdugateNo creationInstant availableSupport/Chair to make contact with the federation on this issue.No decision was made here.
Portugal/RCSTaaiNo creationInstant availableSupport/Chair to make contact with the federation on this issue.No decision was made here.
Spain/SIRNo creationInstant availableSupport/Chair to make contact with the federation on this issue.No decision was made here.

Participating Member Problems

FederationIssueStatusDecision
Croatia/AAI@EduHrSupplied English version of the Policy missingWill be available by Tuesday 1 May 2018To be reviewed at the next SG meeting. 

MRPS compulsory or not?

FederationMRPS ExistsMRPS Based on TemplateDecision
Algeria/ARNaaiYESYESMeets requirements
Argentina/MATEYESYESMeets requirements
Armenia/AFIREYESYESMeets requirements
Australia/AAFYESYESMeets requirements
Austria/ACOnet Identity FederationYESYESMeets requirements
Belarus/FEBASYESNOAsk to be reviewed and put in place by 1st April 2019
Belgium/Belnet FederationYESNOAsk to be reviewed and put in place by 1st April 2019
Brazil/CAFeNON/AAsk to be reviewed and put in place by 1st April 2019
Canada/Canada Access FederationNON/AAsk to be reviewed and put in place by 1st April 2019
Chile/COFReNON/AAsk to be reviewed and put in place by 1st April 2019
Colombia/COLFIREYESYESMeets requirements
Croatia/AAI@EduHrNON/AAsk to be reviewed and put in place by 1st April 2019
Czech Republic/eduID.czNON/AAsk to be reviewed and put in place by 1st April 2019
Denmark/WAYFNON/AAsk to be reviewed and put in place by 1st April 2019
Ecuador/MINGANON/AAsk to be reviewed and put in place by 1st April 2019
Estonia/TAATYESYESMeets requirements
Finland/HAKANON/AAsk to be reviewed and put in place by 1st April 2019
France/Fédération Éducation-RechercheNON/AAsk to be reviewed and put in place by 1st April 2019
Georgia/Grena Identity FederationNONOAsk to be reviewed and put in place by 1st April 2019
Germany/DFN AAINONOAsk to be reviewed and put in place by 1st April 2019
Greece/GRNETNONOAsk to be reviewed and put in place by 1st April 2019
Hungary/eduId.huNONOAsk to be reviewed and put in place by 1st April 2019
India/INFEDYESNOAsk to be reviewed and put in place by 1st April 2019
Iran/IR FedYESYESMeets requirements
Ireland/EdugateYESNOAsk to be reviewed and put in place by 1st April 2019
Israel/IUCC Identity FederationYESNOAsk to be reviewed and put in place by 1st April 2019
Italy/IDEMYESNOAsk to be reviewed and put in place by 1st April 2019
Japan/GakuNinYESNOAsk to be reviewed and put in place by 1st April 2019
Korea/KAFEYESNOAsk to be reviewed and put in place by 1st April 2019
Latvia/LAIFEYESNOAsk to be reviewed and put in place by 1st April 2019
Lithuania/LITNET FEDINONOAsk to be reviewed and put in place by 1st April 2019
Luxembourg/eduID LuxembourgYESYESMeets requirements
Macedonia/AAIEduMkNONOAsk to be reviewed and put in place by 1st April 2019
Moldova/LEAFYESYESMeets requirements
Norway/FEIDENONOAsk to be reviewed and put in place by 1st April 2019
Oman/Oman KIDYESYESMeets requirements
Poland/PIONIER.IdYESNOAsk to be reviewed and put in place by 1st April 2019
Portugal/RCTSaaiNONOAsk to be reviewed and put in place by 1st April 2019
Singapore/Singapore Access Federation - SGAFYESYESMeets requirements
Slovenia/ArnesAAI Slovenska izobrazecalno raziskovalna federacijaNONOAsk to be reviewed and put in place by 1st April 2019
South Africa/SAFIREYESYESMeets requirements
Spain/SIRYESNOAsk to be reviewed and put in place by 1st April 2019
Sweden/SWAMIDYESNOAsk to be reviewed and put in place by 1st April 2019
Switzerland/SWITCHaaiYESNOAsk to be reviewed and put in place by 1st April 2019
The Netherlands/SURFconextYESNOAsk to be reviewed and put in place by 1st April 2019
U.S./InCommonYESNOAsk to be reviewed and put in place by 1st April 2019
Uganda/RIFYESYESMeets requirements
Ukraine/PEANOYESNOAsk to be reviewed and put in place by 1st April 2019
United Kingdom/UK federationYESYESMeets requirements
Bulgaria/BIFNONOAsk to be reviewed and put in place by 1st April 2019
Cyprus/CyNet Identity FederationYESYESMeets requirements
Hong Kong/HKAFYESNOAsk to be reviewed and put in place by 1st April 2019
Italy/Grid Identity PoolNONOAsk to be reviewed and put in place by 1st April 2019
New Zealand/Tuakiri New Zealand Access FederationYESNOAsk to be reviewed and put in place by 1st April 2019
Turkey/YETKIMNON/AAsk to be reviewed and put in place by 1st April 2019


The accuracy of the above table needs to be confirmed. There are 21 federations without any MRPS and of those with some joining practice documented there are 16 that have an MRPS template compatible version of their MRPS. Feedback on your particular federation welcome.

Step 1: MRPS for everyone.

Step 2: MRPS template compatible MRPS for everyone.

The deadline was set as 1st April 2019 for all federations to have an adequate MRPS. 

  •  ACTION20180327-05: Brook SchofieldNicole Harris to contact all of the federations that do not have an adequate MRPS to discuss a plan for implementing a MRPS. 

Incident response requirements

Nicole highlighted that edugain-support had started looking at the requirements for incident response and asked for comments and suggestions on the proposed requirements review for central support for incident response at eduGAIN.  This can be found at: eduGAIN Incident Management Coordination Role.

OIDC Federation

Davide gave an update on the status of OID and its potential impact on eduGAIN. 

Brook asked when we will start to see OIDC federation happening within federations.  To start work on an OIDC profile within eduGAIN we need to see participation from a broader group of federations and the OIDCre group will look to start proposing a profile for OIDC (within eduGAIN).  Timing will depend on that participation.

An introduction of an OIDC profile would be open to all members of eduGAIN. 

Chris asked on engagement between R&E and the OpenID Foundation. Davide reported that Roland was part of the OpenID Foundation and Mike Jones in return had participated in OIDCre work.  Roland and Davide will also participate in the IIW in the next couple of weeks and propose an R&E working group within the OpenID Foundation.  The biggest issue is finding someone to champion this work.  We are seeing repeated problems with experience developers leaving our area. 

Future meetings

The next meeting will take place on 8th May 2018 at 12:00 - 13:00 PDT.

Step 1: MRPS for everyone.

Step 2: MRPS template compatible MRPS for everyone.

The deadline was set as 1st April 2018 for all federations to have an adequate MRPS. 

  •  ACTION20180327-05: Brook SchofieldNicole Harris to contact all of the federations that do not have an adequate MRPS to discuss a plan for implementing a MRPS. 

Incident response requirements

Nicole highlighted that edugain-support had started looking at the requirements for incident response and asked for comments and suggestions on the proposed requirements review for central support for incident response at eduGAIN.  This can be found at: eduGAIN Incident Management Coordination Role.

Future meetings: