Call Oct 6 2009

0) Roll

  • Mark Anderson
  • Eve Maler
  • John Tolbert
  • Paul Madsen
  • Dave Pawson
  • Tatsuki Sakushima
  • Ari Kermaier
  • John Bradley
  • Staff: Joni Brennan

1) Approval of minutes from Vegas 

     - http://kantarainitiative.org/confluence/display/concordia/Las+Vegas+Sept+16+2009
     - No quorum

2) Status of nominations for Co-chair (Joni) 

    - We are working on the quorum this week by polling for active vs observer status.  We will have the realistic and accurate quorum number at the close of the week.  We will open Co-Chair elections Monday.

3) Poll for call schedule (Paul)

    - responses are at http://bit.ly/GSm3i  (Sept 28-Oct 02 representative)
    - is there a 'mandate' for change?
    - Friday 11am EST as possibility
        - There is no consensus for a better time.  Agreement to stick with the current time
        - Question: Why is there a 2 week time lapse for a member lose status?  Why not longer?  
        - Answer: The time is governed by the Operating Procedures.
        - Action: Paul will send a note to the list to confirm the decision to keep the current call time.

4) LOA survey (Eve?)

    - list of interviewees
        - As identified in Vegas minutes
        - Eve found some others at XML school
        - Interview team for each of above 
 .          - Victoria, BC Brian Campbell / eHealth
            - University College Cork - Franklin (last name?) / Collects data to monitor drinking water quality.
            - One other contact from Vegas meeting (Name?)
       - Summary: Learned that some questions needed clarification in the real time discussion. The need for answer examples was cited as the best way to address this feedback. Additionally there should be a question that asks "are there any questions we should have asked but didn't?".  We should also be sure to capture some demographic information about our sample by asking what vertical they are from and size of organization.  Also, Ari has two other candidates. These contacts need follow up discussion from Ari. Basically there are 6 candidates for interview now
       - Question: If it's ready for survey form do we not need to do these interviews?
       - Answer: After Eve recirculates we'll post the survey up on surveymonkey and distribute it to the 'interviewee' audience as a test case.
       - Timing and scope: combine the interviews in to the test case sample this month and launch the survey by no later than next month.
       - Action: Eve to make the LOA questions more in plain english with examples and recirculate.
       - Action: Ari to have follow up discussion regarding LOA survey with his 2 contacts.
       - Action: Joni will help with the LOA survey Surveymonkey administration.

5) Authz survey (John T)

    - http://kantarainitiative.org/confluence/display/concordia/Authorization+survey+draft
    - current status: John gave quick update on survey progress - cleaned up/removed acryonms etsit's a different kind of survey than we're imaginigs for assurance.  There is also one open ended text box question to allow for open responses and additional info.
    - Question: Do we want 2 active surveys at the same time?  
    - Answer: We should be sure to schedule them separately so we can ensure that each get focused audience attention.    - next steps: Collect more feedback for the next 2 weeks and move to survey monkey after next call

6) Possible new work items

    - SAML/OAuth hybrid (Paul)
        - Discussion: Possible segue from SAML based SSO in to an Oauth secured attribute sharing scenario.
    - Metadata (Scott?)
        - Discussion: Metadata / circle of trust - how do you describe a trust framework / trust model. John T had a productive conversation with someone from SUN about this (indicating support).  The hurddle is comeing up with something people can/will implement.  Vendors need to support SAML metadata or we are limited in what we can achieve.        - Action: John T will talk to Scott about some opportunities with InCommon and I2
    - whitelisting? (linked to above?)
    - others?
.       - Education and outreach in W3C terms.  The KI mission/vision goals look very high level.  Suggestion that these topics need to be accessible and digestible by a larger audience - terminology etc needs to be explained.  This may be out of scope for DG Concordia.  Trent Adams is the Chair of the Identity Community Update Discussion Group (ICU DG) that had that sort of intent.  Perhaps it's a good discussion for ICU DG. Also worth noting, Concordia is contemplating putting on a webinar talking about WS-Fed adoption of SAML metadata
            - Question: How do we sell this to managment types.
            - Answer: Sell it in this order:
                - geeks
                - it director
                - financial director

7) AOB

    - Paul sent a note to the list detailing a new deployment guideline draft focused on Proxying between OpenID and SAML. Paul gave short summary and advised that all comments are welcome.

Note that the subject line of the email indicates OAuth is involved - thats a typo

- http://kantarainitiative.org/pipermail/dg-concordia/2009-October/000067.html