2015-12-07 eGov Meeting Minutes

Date and Time

Date: 7. December 2015

Time: 11:00 PDT | 14:00 EDT | 20:00 CET | 06:00 NZ(+1)

Roll Call

  • Rainer Hörbe  
  • Keith Uber (Note taker) 
  • Thomas Gundel
  • Judy Keator
  • Ken Dagg
  • Colin Wallis
     

1. Administration

Quorote call. No meeting minutes ready for review. Two previous calls non-quorate.   

Planned Agenda for the call

1. Roll call, approve previous meeting minutes

2. Update: Code of Conduct for RPs/APs

3. Update: Combined InCommon/REFEDS/SAML2 Int/eGov profile for SAML 2.0

4. Country and recent conference reports - EWTI

5. 'I don't Agree' campaign and Project MAPPING

6. Election of officers for 2016

7. Upcoming events

 

2. Update: Code of Conduct for RPs/APs

Colin: Some progress, waiting on Canada: DIACC (Digitial Identifcation and Authentication Council of Canada) is creating a trust framework model. The focus of DIACC on Identifcation rather than Identity as SPs/RPs need to identify a subject.

Hoping to include relevant parts of this in the code of conduct.

Still looking for other repositories and sources of information (in addition to existing RealMe, WAYF, Incommon, Treasury Board of Canada, REFEDS etc)

Proposing to start to draw the work to a close and hope to get input.

3. SAML2 Federation Profile for Interoperability

Rainer: An effort to make an updated interoperability profile and conformance profile for SAML.

The primary motivation for is to get this out to reduce interoperability problems in large deployments.

The plan is to hand this over to Kantara FIWG and be published as a generic interoperability profile.

It has been carefully built to make non-specific, no references to EDU, generic etc

The plan is to request Microsoft to update ADFS to make it compatible. Cross vendor support for this profile is an important aim.

Especially metadata interoperability has been a focus.

Can be seen as a successor to the Kantara interoperability profile for eGov. A lot of our Kantara eGov requirements found their way in to the eIDAS specification.

Rainer will produce a diff of the Kantara eGov compared this new one.

Rainer requests implementer engineers to join the FIWG and/or review the document.

Not to have separate R&D and eGov profiles, but to have one common.

For testing against this profile, there is a parallel project, Roland Hedberg and Rainer Hörbe have been contracted to work on automated test harnesses, integrating SAML2 and OIDC tests.

Will include a test workspace specifically for this profile.

The idea is to move the SAML specification from the PDF document to code.

Not normative but the defacto compliance.

REFEDS is sponsoring the operation of the test suite and basic level support.

Test scenarios will be a workflow.

Federation operator can ask an SP during the on-boarding process to first run the test and submit successful results to federation operator before joining.

Concerns were raised concerning how the new SAML2 Federation Profile for Interoperability will affect existing systems such as the Canadian Concierge and the US Connect.gov and if it was significantly different how it might affect adoption. Judy Keator volunteered to get some of the SecureKey people to look at it (SecureKey is the implementor of the US and Canadian solutions).

For example, it definitely requires trust management for metadata. PKI as a trust management scheme is not supported.

It was note that thus is not a deployment profile. It is interoperability profile.

An implementation profile does not inhibit you have extensions etc

The timeline for completion is the end of April 2016.

4. EWTI Conference

Great success, 95 registrations for the unconference.

Slightly changed format, with dedicated note takers taking 120-130 pages of notes. Which will be on the EWTI t few weeks.

Interesting topics for eGov: eIDAS overview of legal aspects, privacy by design, pseudonymity, anonymity

AP: Rainer to send short overview to the mailing list

Next year: Community building effort to work on next year. Welcome!

REFEDS 50-65 people attended REFEDS/eduGain meetings colocated with EWTI

No Kantara meeting there this year, hopefully next year.

5a. I Don't Agree

 "I don't agree" is to provide a way to register and receive information about personal data rights under existing

For citizens to exercise their rights

Providing a way for people to ask if they have any data about themselves

Providing a way for people to ask about a data usage report themselves.

5b. Project MAPPING

Patrick Curry could be invited to give a short talk on this / Human rights and privacy

- AP: Colin to invite Patrick to the next call

6. Officer Elections

Nominations for Chair, Co-chair and Secretary are invited for the year ahead. The election and ballot will proceed as per the standard Kantara process.

Rainer is prepared to continue as Chair and Keith as secretary if elected. Invitations for nominations for the position of co-chair or vice chair are invited.

 

7. Leadership Council Matters

LC approved the following funding requests to go to the Board of Trustees.

  • CIS - I don't agree / Privacy Day 2016 Jan 28th
  • IAWG - Make normative the descriptions of the service assessment criteria
  • Health Information Workgroup - Co-sponser a breakfast at the annual conference (May?)

Two more funding requests (to be handled on the next LC call) 

  • UMA
  • UMA-Dev

Please read the press release on CCICADA https://kantarainitiative.org/kantara-ccicada/

8. Upcoming Events

Jan 28 2016 Privacy Day

 

 

Next Meeting  

Date and Time

Date: 4. January 2016

Time: 11:00 PDT | 14:00 EDT | 20:00 CET | 06:00 NZ(+1)

------------------------------------------------------- 

To join the teleconference 
------------------------------------------------------- 
DIAL IN INFORMATION: 

Skype:  +99 051 000 000 481 
Conference Id: 613-2898 
US Dial-In: +1-805-309-2350  

http://kantara.atlassian.net/wiki/display/GI/Telco+Bridge+Info