FIWG Meeting Notes 2011-09-29
Attendees:
John Bradley
Hank Mauldin
Mary Ruddy
RL "Bob" Morgan,
Leif Johansson
Notes:
- Roll Call---non quorate (motion for minutes carried to the next call)
1. State of PEER:
- LJ: currently 0.5 is released, and dev contract is at an end
- but it is not in usable state
- new contract being arranged to get it to 1.0
- JB:Â Rainer Horbe asked about support for automated compliance reports
- answer:Â no, but funding from AT gov could change that ...
- comparison to Danish JANUS system?
- LJ:Â JANUS wasn't designed to be extended, so hasn't been
- what is mechanism in PEER project for funding feature requests?
- can FI-WG do so? OIX? some governments?
- LJ:Â needs to be one backlog with common prioritization,
- modulated by funding
- best to flow funding thru TERENA
- JB:Â may have to figure how usual USG contractors can be involved
- for fundable work to meet GSA needs
- LJ:Â seems like Kantara/OIX operational requirements can be met with
- current user stories around administrator control of entry tagging
- JB:Â this could be a good thing for OIX to fund
- LJ:Â could make sense to fund Shib work on MDX
- JB:Â PingID may have some interest in MDX
- LJ:Â the IETF draft on MDX needs some updating, may need new author
- would be good to have it published even on Experimental track
2. AOB
- RL:Â useful to have official SSTC spec for SAML metadata in JSON?
- since JSON would be more appealing to OpenID Connect community?
- JB:Â maybe, could be contentious, mechanical translations are ugly
- then of course there's the namespace problem
- aka the extensibility problem
- LJ:Â could be good engagement for Andreas Solberg
who has already done something like SAML md for OpenID Connect
- LJ:Â Swedish "fed soup" event indicated interest in
"federation management appliance" supporting sector federations
JB:Â this may be the market that PingID sees
- Proposed multilateral federation requirements/architecture doc
- JB:Â will create the doc space for proposed architecture doc
RL:Â will add some content real soon now
- RL:Â something to be done in evangelizing FI work in OpenID Connect?
- LJ:Â presumably would be of interest in managing attribute trust
- ie who is trusted to assert what kind of attribute
- JB:Â eg Google's work with Post Office on street addresses
- MR:Â yes, attributes are the key
- RL:Â could be good opportunity at upcoming IIW, especially if
- architecture doc is available, to do a session on this
- JB:Â let's do it