RL "Bob" Morgan,
- Roll Call---non quorate (motion for minutes carried to the next call)
1. State of PEER:
- LJ: currently 0.5 is released, and dev contract is at an end
- but it is not in usable state
- new contract being arranged to get it to 1.0
- JB: Rainer Horbe asked about support for automated compliance reports
- answer: no, but funding from AT gov could change that ...
- comparison to Danish JANUS system?
- LJ: JANUS wasn't designed to be extended, so hasn't been
- what is mechanism in PEER project for funding feature requests?
- can FI-WG do so? OIX? some governments?
- LJ: needs to be one backlog with common prioritization,
- modulated by funding
- best to flow funding thru TERENA
- JB: may have to figure how usual USG contractors can be involved
- for fundable work to meet GSA needs
- LJ: seems like Kantara/OIX operational requirements can be met with
- current user stories around administrator control of entry tagging
- JB: this could be a good thing for OIX to fund
- LJ: could make sense to fund Shib work on MDX
- JB: PingID may have some interest in MDX
- LJ: the IETF draft on MDX needs some updating, may need new author
- would be good to have it published even on Experimental track
- RL: useful to have official SSTC spec for SAML metadata in JSON?
- since JSON would be more appealing to OpenID Connect community?
- JB: maybe, could be contentious, mechanical translations are ugly
- then of course there's the namespace problem
- aka the extensibility problem
- LJ: could be good engagement for Andreas Solberg
who has already done something like SAML md for OpenID Connect
- LJ: Swedish "fed soup" event indicated interest in
"federation management appliance" supporting sector federations
JB: this may be the market that PingID sees
- Proposed multilateral federation requirements/architecture doc
- JB: will create the doc space for proposed architecture doc
RL: will add some content real soon now
- RL: something to be done in evangelizing FI work in OpenID Connect?
- LJ: presumably would be of interest in managing attribute trust
- ie who is trusted to assert what kind of attribute
- JB: eg Google's work with Post Office on street addresses
- MR: yes, attributes are the key
- RL: could be good opportunity at upcoming IIW, especially if
- architecture doc is available, to do a session on this
- JB: let's do it