eGov Meeting Minutes - 2011-11-07

Kantara eGov Working Group Teleconference

Date and Time

  • Date: 7th November 2011
  • Time: 11:00 PDT | 14:00 EDT | 20:00 CET | 08:00 NZ (8th Nov)

Attendees

Voting:

Colin Wallis, NZ Govt

Keith Uber, Ubisecure

 LaChelle Le Van, Probaris Inc

Sal D'Agostino, IDmachines

Bob Sunday, Canada Fed Govt

Scott Cantor, Internet2

Rainer Hoerbe, Kismed

Denny Prvu, CA/Govt of BC, Canada

Non voting:

Fulup Ar Foll

Neil McEvoy (invited guest)

Leif Johansson (invited guest)

Staff: 

Anna Ticktin

Apologies

John Bradley

Thomas Grundel, IT Crew

Meeting Notes

1) Roll call for Quorum determination

The group reached quorum (8 out of 10).

2) eGov Membership Status. New member intros (CW)

No new members since last call

3) Review and approve September meeting draft minutes (attendees)

 Moved by Rainer, Seconded by Keith

http://kantarainitiative.org/confluence/display/eGov/eGov+Meeting+Minutes+%28Draft%29+-+2011-09-12

The 3rd October call and 21st October face to Face meetiung were both non quorate so will remain as 'Notes' 

http://kantarainitiative.org/confluence/display/eGov/eGov+Meeting+Notes+-+2011-10-03

4) eGov elections: Chair, Vice Chair, Secretary

3 nominations had been received and all 3 were willing to stand for a mix of the 3 positions: Keith, Rainer and Colin.  Staff will engage and propose a match

5) eGov meeting reports: Kantara F2F Redwood City – link below (Colin). SCA KI Summit (Sal)

http://kantarainitiative.org/confluence/display/eGov/eGov+Meeting+Notes+-+Redwood+City+Face+to+Face+Meeting

Redwood City F2F: Less progress was made on the gap analysis between features in the eGov profile and requisite tests than hoped due to lack of experts present. Rainer raised the notion of doing unit testing as a pre-requisite to full matrix testing. Gazelle  http://gazelle.ihe.net/ was offered up as an example.

Smart Card Alliance conference (Kantara Summit): 15 attendees, egov focussed on the value of conformance testing of the implementation profile, a position supported by audience members (e.g. Ian Bailey BC)

Slides here: http://kantarainitiative.org/confluence/download/attachments/3408008/Kantara+E-Gov.pdf

6)  Discussion: White Paper featuring  a Govt Community Cloud (based on Fed Canada’s Cloud roadmap) and Kantara’s Assurance and Certification frameworks for securing federations: (Neil McEvoy invited to present)

http://cloudbestpractices.net/2011/08/31/new-white-paper-government-community-cloud/    and in particular Fed Canada's Cloud Roadmap.

Neil is proposing a new WG on Cloud Best Practices and identifying the touchpoints where Kantara's frameworks, certifications, recommendations and reports can contribute to Best Practice. Suggestion of forming local chapters (starting with Canada).  Neil also saw potential in Kantara 'components' being accepted into Government Community Cloud  shared services. There was brief discussion on Canada health, which is provided by provinces, but had the potential to be virtualised as a more composite/less siloed experience.

More here: http://cloudbestpractices.net/2011/11/08/cloud-identity/

7) Discussion: Collaboration on Profile Management: REFEDS SAML2int, a subset" of Kantara eGov SAML2.0 implementation profile. (Leif invited to lead discussion/all)

REFEDS now hosts SAML2int ("a subset" of Kantara eGov SAML2.0 implementation profile, i.e. one should be able to satisfy the requirements of the SAML2int deployment profile with a SAML2 implementation that conforms to the eGov SAML2.0 implementation profile. In Finland, also the public sector SAML2 deployment profile relies on SAML2int.

Leif noted that eGov2.0 is really a Federation profile, with deployment potential that have wider application than just government (General Electric was mentioned so we look forward to seeing them as members soon!). The Federation Interoperability WG (FIWG) aims to develop a cloud/federation deployment profile using SAMLint as a starting point. Given that both the eGov WG and the FIWG would be 'in the profile business' it would make sense to share best practice on profile management.

Leif asked for volunteers to join the FIWG: http://kantara.atlassian.net/wiki/display/fiwg/Home  and also for a liaison between eGov and FI. (Leif is acting as FI WG's liaison to eGov WG).   

8) Work Item 1: Review eGov 2.0 SAML Profile for additional features needed.  Review Conformance test plan to add tests for untested features (IRB)..John B 

John was not on the call, but regarding additional requirements, Canada wants Language (although this should also go the OASIS TC as a request for a profile), Austria wants Idle Timeout, and the list of issues outstanding from the last review was recalled. 

Scott noted that the gap analysis should include a test for wrapping attacks, given the recent research into XML security and encryption vulnerabilities.   

9) Work Item 2: SLO (including Global Idle Timeout) use case/requirements update  (Rainer and Keith)

No time to discuss, but Keith agreed to circulate UbiSecure's approach. 

10)Work Item 3: Attributes WG update (eGov email thread collecting requirements) (Sal)

Sal briefly reported on the first meeting of the WG, and called for submission of requirements and use cases here. http://kantarainitiative.org/confluence/display/AMDG/Home

11) STORK SAML 2.0 comparison to eGov 2.0 Profile of SAML: Update.. STORK 2? (all)  

 Colin noted that a STORK 2 was rumoured for release early next year, and to be closer to SAML 2.0 than STORK 1 was.

12) LC and BoT updates (Incl. Assurance Review Board and sub committees) (CW/JB)

 No time to discuss

13) Liaisons: OASIS eGov Member Section, KI's ISO and ITU-T's Liaisons

 No time to discuss

14) AOB: Recent threads: One-ID, NZ thread, what else? 

 Brief discussion on ONE-ID being mroe of a goal than an actual service. NZ thread to be closed soon.

Next Monthly Meeting: NOTE DAYLIGHT SAVING CHANGES COMING SOON!

  • Date: Monday, Dec 5th, 2011
  • Time: 11:00 PT | 14:00 ET | 20:00 CET | 08:00 NZ 4th)
  • Dial-In: US: +1 201 793 9022, Skype: + 9900827044630912
  • Code:

NOTE: Do not follow the code with a "#" symbol as it may cause the code not to be recognized.