Meeting Notes - 2010-05-10 Conference call

Meeting Notes - 2010-05-10 Conference call

Agenda

Attendees

Notes

InCommon Silver Certification/Audit Update

• NIST requires tracking ID numbers when Identities are vetted
• Berkeley offering to certify in 2010.
• UCSB will also attempt to certify by Fall 2010.
• UCB and UCD use "Deputies" to do actual in-person ID vetting.

There are concerns over tracking/storing government issued ID number (driver's license, passport) in IDM Systems:

• UCB checks ID during in-person vetting, but does not store the ID number (UCLA does the same).
• UCD asks whether storing partial ID (i.e., last 4 digit) is sufficient.

Both UCB and UCD are predicting that the InCommon Silver audit requirements as currently defined will need to be tracked in IDM directly, since no source systems have the requisite data. Both UCB and UCD use "Account Admin Deputies" who are "Deputized" to mark accounts as "identity vetted".

InCommon Certificate Service

• InCommon, in collaboration with Comodo, to offer SSL certificate service.
• currently in limited beta.
• see http://www.incommonfederation.org/cert/ for details.

Kuali Identity Manager with Shibboleth

• David and Curtis were to provide update, but weren't able to make the call
• Generally not a lot of detail from the Kuali call. Some back ground info available at: https://test.kuali.org/confluence/display/KULRICE/Federating+Identity+in+Kuali+-+First+meeting
• Curtis from UCD to schedule another call when there is progress

UC Library uses of UCTrust/InCommon

• John and David weren't able to make the call; skipped agenda item.

Revitalize UCTrust Work Group

Discussed Charter at https://spaces.ais.ucla.edu//x/RgKSAQ

There were no objections to the charter/description as written. There is general agreement that at this time, the "open" nature of the group is appropriate, i.e., there is no need for appointed "voting" members.

The group agreed on a general schedule of 1 to 2 face-to-face meetings per year with bi-monthly calls in between. Should specific projects/needs arise, the group may meet more frequently.

Other Topics

Sun IDM and Oracle

Eric (UCSC) and Dedra (UCB) will schedule a UC discussion in the next two weeks.

Informal discussion indicates several campuses have mid-length support contracts from Sun (i.e., 3-5 years); no initial desire to move to the Oracle product (at least without seeing what gets released later).

MS for Work at home

Microsoft is partnering with eAcademy to allow MS Work at Home licensees to download products electronically via eAcademy. UC Software Licensing folks are talking to eAcademy about Shibboleth integration. Albert (UCLA) to follow up with eAcademy to get details and report back.

Password Reset

Eric (UCSC) is looking for samples of how campuses perform password reset, and how they match InCommon Silver requirements.