20 May 10:30UTC

Please find Zoom details in calendar invite

Agenda

timetopicpresenter
10:30 - 10:40Welcome, Agenda Agreement and Open ActionsPål
10:40 - 10:50

Service Team Overview - slides

Davide
11:50 - 11:20

Finalise strategy

consultation comments: 2025 eduGAIN Strategy consultation

proposed changes: https://docs.google.com/document/d/12ML76QVSI1n8N5jKRnMIBKeWlHH3Z2bMMJagcSwDBf0/edit?tab=t.0

Next steps: pretty clean copy

Nicole, Casper
11:20 - 11:50

Work Plan - Rebuilding eduGAIN trust

Proposal: 

Create a new version of the proposed roadmap with the following items.

  1. Establish annual check of federation details using the same tooling as the security checks.  Introduce mandatory security contact for federations at this time.
  2. Consult with community on timeline to introduce individual entity filtering.
  3. Working group to "reverse engineer" eduGAIN SAML profile and define whether we need an umbrella for SAML and OIDC requirements. 
  4. Implement security, privacy and assurance requirements in SAML profile and roadmap for adoption. 
  5. Consider tooling requirements to check and monitor the above. 
  6. Stakeholder engagement document???

Parked:

  • attribute release
  • metadata publication requirements

Does the SC agree? 

Nicole, Casper
11:50 - 11:55Membership applications
Casper

AOBAll

Future meetings, Summary and Actions
12:00Meeting Close

Attendees: Maarten Kremers (observer), Casper Dreef (secretariat), Francisca Martin Vergara, Muhammad Farhan Sjaugi, Bas Zoetekouw, Davide Vaghetti, Nicole Harris (secretariat), Pål Axelsson

Apologies: Dalia Abraham, Marina Adomeit (observer), Jonathan Eagan 

Notes:

Welcome, Agenda Agreement and Open Actions

The committee agreed on the agenda.

Open Actions: 2 actions remain open. OIDC Federation infoshare in the week of 16 June. Wednesday 18 June around 13:30 - 15CEST.

  • Casper to send out an invite to eduGAIN community.

Service Team Overview

Davide presented the office eduGAIN Roadmap for 2025 (see agenda for slides). This was created for the GN5-2 project deliverable. 
Currently two sites for the core service have been implemented. Production: PSNC, duplicate at GARR and now an additional site is created at SUNET. Different strategies for back-end and front-end. One core back-end and two back-ups. Now one front-end, in the future multiple front-ends.
The team is working on tool upgrades and a migration to a new ticketing system is being prepared. 
The CSIRT team has a new member who has experience in security training. 

Finalise Strategy 

Consultation review - 2025 eduGAIN Strategy consultation 
Nicole, Casper, Pal, Davide, Maarten and Marina worked on the outcomes of the consultation and discusses these with the Steering Committee. The final version will be shared with the Steering Committee for final approval and will then be published.

Work Plan - Rebuilding eduGAIN trust

Support materials:
- Futures WG white paper: 2022 eduGAIN Futures Working Group Report Consultation
- eduGAIN Strategy 
- Roadmap

The proposed work items:

Create a new version of the proposed roadmap with the following items.

  1. Establish annual check of federation details using the same tooling as the security checks.  Introduce mandatory security contact for federations at this time.
    • This check would be done annually around November-December.
    • Initial focus is on collecting security contact. 
    • Is this too optimistic if the security contact requirement is announced in June? How flexible should be? The committee decided that the member federations can request a grace period.
    • Strong recommendation to use an organisational email address. Use SIRTFI as an example. 
    • Compliance can be enforced with Suspension Process. 
    • Where should the eduGAIN member's Security Policy be published? In the MRPS?
  2. Consult with community on timeline to introduce individual entity filtering.
  3. Working group to "reverse engineer" eduGAIN SAML profile and define whether we need an umbrella for SAML and OIDC requirements. 
    • Creating a Trust Framework.
  4. Implement security, privacy and assurance requirements in SAML profile and roadmap for adoption. 
    • To some extends adopted in the roadmap already. 
  5. Consider tooling requirements to check and monitor the above. 
    • To some extends adopted in the roadmap already. 
  6. Stakeholder engagement document?

Parked for now:

  • attribute release
  • metadata publication requirements

 Outcomes presented at the TNC25 Town Hall meeting.

Membership applications

New declaration signing process for candidates. First experiences are that it is new members struggle. Federations have been set up to join eduGAIN instead of an established and mature federation that joined eduGAIN. Though the new process takes more time that anticipated, it is a good final check on the technical readiness level of the new member federation. 

eduID.ng - Nigeria. Completed eduGAIN training. First policy assessment will start soon.
BotsREN - Botswana. New federation, interested in setting up a Library Consortium. First policy assessment will start soon.
CAFMoz - Mozambique. This federation is investing in outreach to local institutions. Published their policy in english and is ready for first assessment.

APAN update: setting up a hackaton with Philippines. Taiwan is setting up the infrastructure for their federation. Application is expected end of June.

AOB


Future meetings, Summary and Actions

eduGAIN Town Hall 2025

https://refeds.org/meetings/50th

Second half of August

Late November.

  • Action: Casper to send out doodles for August and November.
  • Action: Casper to propose a date for the Assembly.

Assembly meeting in December. Not during TechEx (8-12 December)

 

  • No labels