UCTrust Workgroup
Child pages
  • Meeting Notes - 2010-09-16 Conference Call

DRAFT - Meeting Notes - 2010-09-16 Conference call - DRAFT

Agenda

Attendees

Arlene Allen, UCSB
Chet Burgess, UCOP
Dedra Chamberlin, UCB
Eric Goodman, UCSC

Karl Heins, UCSB
Stephen Hock, UCR
Bruce James, UCOP
Jeff McCollough, UCB
John Ober, UCOP/CDL

Brian Roode, UCI
Andrew Tristán, UCR
David Walker, UCD
Albert Wu, UCLA
Matt Elder, UCSD

Notes

Federated Wireless Access Update

David reports that the wireless subgroup posted its recommendation for feedback. The group started with a design to integrate the campus wireless portals with Shibboleth. There are several issues with the approach. Specifically, authenticating through Shibboleth requires a user to have access to the Internet. In order to make this happen, each captive portal would need to know the IP addresses of all possible IDP's and allow users through prior to authenticating.

The group eventually settled on a recommendation to join eduRoam-US. Members on the call raised several concerns:

  • eduRoam implements 802.11x. Not all UC campuses are ready to support 802.11x on their wireless networks. Of the project team, only UCLA, UCD, and UCSD have already deployed 802.11x support; UCB, UCR, and UCSC will plan to do so. Some other campuses, not represented in the project team, do not foresee 802.11x support on their campuses even in the long run.
  • Members of the call discussed eduRoam's relationship to InCommon. Today, eduRoam is a relatively loosely organized. It is more a technical implementation than a governing body. In particular, eduRoam has a more mature adoption in Europe than the US. There are talks of eduRoam becoming more integrated with InCommon. Nothing concrete there yet.
  • A question came up regarding how the sub group reached the decision to recommend joining eduRoam-US. Although the history is documented in the Wireless group's meeting notes, Some felt the report should expand on the decision making process. David and Dedra will take the feedback to the wireless subgroup to refine the report.

UC Library Shibboleth Task Force Update

John Ober reports that the Task Force has submitted its report to the campus libraries. It appears that the libraries will accept and endorse all the recommendations in the report. John expects that decision to arrive on 9/16 and will distribute the final report to UC Trust members as soon as it becomes official.

A likely next step will be to conduct a proof of concept deployement with HathiTrust. UCLA and UCSD already support the attributes required for the POC, and the respective libraries will likely soon contact the campus IDM offices.

Beyond, the Task Force recommends approaching content vendors and e-journal vendors. Many are already Shibboleth-enabled due to mandates from UK federation.

There was a brief discussion regarding challenges working with Innovative Interfaces, who has been reluctant to integrate its solutions with Shibboleth. More to come on this.

eAcademy update

Representatives from several campuses met with eAcademy via a conference call in early August. The eAcademy call was to discuss possible methods for the campus to transmit a user's MCCA Work at Home eligibility to eAcademy. eAcademy is generally willing to accomodate a variety of interfaces. The suggested mechanisms were documented here.

Albert's observation is that overall, transmitting entitlement data is a preferred mechanism over a separate feed. However, there are concerns regarding the campus' ability to calculate eligibility based on available data. The general consensus seems to be that the responsibility of determining eligibility should not lie with the IDM offices. The question is, who is responsible on each campus?

Another question is whether this needs to be a UC Trust implementation, or whether it can be left to campuses to tackle individually with eAcademy.

Regardless, the general issue of asserting service eligibility is coming up in a variety of projects. The group will tackle this topic in greater detail during the upcoming face-to-face meeting.

UPDATE: follow up email notes from Arlene:

"On the eacademy topic, my preference would be to have IdP's stay out of the mechanism used to register and track entitlements. It seems like our role would be to have a standardized methodology / nomenclature for reporting the status of someone's entitlement, whether it be edupersonentitlement or other. Our Software Central / Depot / what-have-you's are already in this business in varying degrees. I would not want them to see it as IAM usurping some of their functionality. I'm taking it as a given that the business case has already been made for why one would want more automation of these types of entitlement."

Face-to-face meeting

The group agreed tentatively to schedule a face-to-face meeting at Berkeley in early December.

UC User Provisioning Project

The group was running out of time on the call. David gave a quick update: The User Provisioning Project's report will be presented to ITLC at its September meeting. David asks everyone to read the ?User Provisioning documents (skip down to the Documents section), touch base with his/her CIO and ITAG representatives, and provide any feedback via the UC Trust mailing list.

Next Month

Discussion topic for the October call: InCommon Silver certification and the UC User Provisioning Project.

  • No labels