Minutes: SALSA NetAuth call
11-May-06
*Attendees*
Chris Misra, U. Massachusetts (chair)
Rich Cropp, Penn State U.
Steve Olshansky, Internet2
Katherine Strojny, Internet2 (scribe)
*Action Items*
New:
[AI] It was proposed that the {group} think about placing registration data in LDAP as a canonical storage method, so that, for example, DHCP can access the data in LDAP instead of having an internal database.
Carry Over:
[AI] {Kevin} will solicit the list for questions to include in the FAQ and for people to edit the wiki.
[AI] {Anyone} who has slides or content related to NetAuth use cases or case studies, send them to SteveO for posting on the NetAuth website.
[AI] {Individuals} are requested to send in case studies for potential use in NetAuth documents.
[AI] {Chris} will clean up the action item list.
[AI] {Kevin} will write up the challenges of going from theoretical to deployed 802.1X.
[AI] {Group} will re-evaluate the finalized documents to determine whether the term "host posture assessment" should be included.
[AI] {Kevin} volunteered to do a first draft of the NetAuth FAQ, with the goal of sending it out to the list before the end of March.
[AI] {Chris} will send a notice about upcoming meetings with NetAuth discussions.
[AI] Once content is more complete and the wiki is in a permanent location, {Chris and Kevin} will get a note out to some of the lists announcing the wiki.
[AI] {Group} is invited to take a look at the NetAuth wiki and add content, toward developing a repository of useful information and understanding the solution space better. In particular, Kevin is seeking input on isolation methods and Frequently Asked Questions.
[AI] {Kevin} will email the list and see if anyone wants to join the case studies project.
[AI] The following individuals volunteered to write case studies, with a soft deadline of March 30:
- {Chris Misra}: Layer 2 & 3 isolation using NetReg and a homegrown switching system
- {John Moore}: Lockdown Networks and VLAN switching
- {Kevin Amorin}: PacketFence (ARP manipulation and VLANs)
[AI] People are sought who can draft case studies for Cisco Clean Access. If anyone knows of candidates, please contact Chris.
[AI] {Group} will delegate liaisons for TNC and NAC.
[AI] {Kevin Amorin} will send information to the list about EAP (Extensible Authentication Protocol) activity currently underway in IETF.
[AI] {Individuals} who look into the IETF Distributed Security (distsec) mailing list are requested to provide feedback to the group on whether the activities are of interest to this group. To join the list, refer to the following link: https://www.machshav.com/mailman/listinfo.cgi/distsec
[AI] {Chris} and {SteveO} will send a note to the WG via the list soliciting suggestions for the future direction of the WG.
[AI] {Chris} will put together a few slides describing intersection points between SALSA NetAuth and SALSA NetAuth-FWNA.
[AI] {Chris} will send the list of vendor questions developed by the WG during this call to the group via the list. This will move forward in collaboration with the effective practice group at EDUCAUSE.
[AI] {Chris} will arrange vendor discussions for a subsequent call.
[AI] {Chris} will post messages to the NetAuth and FWNA lists soliciting volunteers to develop an outline of issues for NetAuth in a federated environment.
[AI] {Chris} will solicit from the WG contributions about NetAuth vendor solutions currently being used.
*Discussion*
Intellectual Property Reminder: The Internet2 intellectual property policy can be found here: http://members.internet2.edu/intellectualproperty.html
The call did not have quorum, so remaining agenda items were postponed till the next meeting.
[AI] Chris proposed that the {group} think about placing registration data in LDAP as a canonical storage method, so that, for example, DHCP can access the data in LDAP instead of having an internal database.
The next call is scheduled to take place in two weeks, on 25-May-06. Agenda and bridge will be sent to the list in advance of the call.