Minutes: SALSA NetAuth call 19-Jan-06

*Attendees*

Kevin Amorin, Harvard University (stand-in chair)
Rich Cropp, Penn State University
Robert Lowe, Lawrence University
Eric Gauthier, Boston University
Steve Olshansky, Internet2
Katherine Strojny, Internet2 (scribe)

*Action Items*

New:

[AI] {Kevin} will email the list and see if anyone wants to join the case studies project.

[AI] {SteveO} will follow up with Valerie at EDUCAUSE regarding format for case studies, including examples.

Carry Over:

[AI] {Individuals} are requested to send in case studies for potential use in NetAuth documents.

[AI] The following individuals volunteered to write case studies, with a soft deadline of March 30:
- {Chris Misra}: Layer 2 & 3 isolation using NetReg and a homegrown switching system
- {John Moore}: Lockdown Networks and VLAN switching
- {Kevin Amorin}: ARP manipulation and VLANs

[AI] People are sought who can draft case studies for Bradford or Cisco Clean Access. If anyone knows of candidates, please contact Chris.

[AI] {Kevin Amorin} volunteered to set up a secondary wiki with open access.

[AI] {Chris and SteveO} will work with EDUCAUSE to see that the case study work can be fit into the Effective Practices Guide. [AI] When the ResNet survey goes live, {Chris} will post a notice to the list in order to encourage participation.

[AI] {SteveO} and {Chris} will work offline towards providing a means for public input on the wiki. [AI] {Group} will take a look at the wiki and start populating useful links for components-related content, toward developing a repository of useful information and understanding the solution space better.

[AI] {Group} will delegate liaisons for TNC and NAC. [AI] {Chris} will coordinate with the Effective Practices Guide working group at EDUCAUSE for anything this group can provide, such as written material or resources, as they revise the guide.

[AI] {SteveO} will add a new section to the NetAuth website for "Related Work" and will solicit suggestions for content from the list.

[AI] {Kevin Amorin} will send information to the list about EAP (Extensible Authentication Protocol) activity currently underway in IETF.

[AI] {Individuals} who look into the IETF Distributed Security (distsec) mailing list are requested to provide feedback to the group on whether the activities are of interest to this group. To join the list, refer to the following link: https://www.machshav.com/mailman/listinfo.cgi/distsec

[AI] {Chris} and {SteveO} will send a note to the WG via the list soliciting suggestions for the future direction of the WG.

[AI] {Chris} will put together a few slides describing intersection points between SALSA NetAuth and SALSA NetAuth-FWNA.

[AI] {Chris} will send the list of vendor questions developed by the WG during this call to the group via the list. This will move forward in collaboration with the effective practice group at EDUCAUSE.

[AI] {Chris} will arrange vendor discussions for a subsequent call.

[AI] {Chris} will post messages to the NetAuth and FWNA lists soliciting volunteers to develop an outline of issues for NetAuth in a federated environment.

[AI] {Chris} will solicit from the WG contributions about NetAuth vendor solutions currently being used.

*Discussion*

Intellectual Property Reminder: The Internet2 intellectual property policy can be found here: http://members.internet2.edu/intellectualproperty.html

The agenda include discussion of upcoming events, the case studies effort underway, the wiki platform to be provisioned by Internet2, status of the components document, and the updated ResNet survey. Minutes from the previous call were approved, and the group reviewed the action item status. The latest DISTSEC activity was discussed, and as they seem to be looking strictly at distributed firewalls, their direction does not seem to be aligned with this group's charter. The suggestion was made to add an agenda item addressing the question of how to interface with the standards community. Possibilities included approaching the IETF to find out about an appropriate working group, and attending the upcoming IETF conference.

Upcoming events include the following:

- NERCOMP SIG February 7, 2006 at U. Mass. (Amherst): http://www.nercomp.org/events/event_single.aspx?id=340

- Security Professionals conference April 10-12, 2006 in Denver: http://www.educause.edu/sec06

- NERCOMP annual conference, March 20-22, 2006: http://www.nercomp.org/events/event_single.aspx?id=400

Steve reported that Confluence is the wiki platform selected to be provisioned by Internet2. Would the NetAuth group have its own site? Yes, this is a tool that would be made available to every working group if they care to use it. One open question is how to authenticate, since not all schools are members of InCommon. The underlying requirement is that users be accountable for the statements they make. The platform may be available in the second quarter, but timeframe is not firm. In the interim, Kevin is using MediaWiki to set up a secondary wiki with open access.

The group commented on the updated ResNet survey. Robert had sent feedback to Dave Futey earlier in the week, and these comments were used as a springboard for discussion. Kevin took notes so he could send feedback to Dave.

The components document is currently on hold so that the group's efforts can be focused on case studies.

Case studies are in progress. [AI] {Kevin} will email the list and see if anyone wants to join the case studies project. Steve has identified Valerie Vogel as the person we need to work with at EDUCAUSE. [AI] {SteveO} will follow up with Valerie regarding format for case studies, including examples.

The next call will take place 2-Feb-06. Agenda and bridge will be sent to the list in advance of the call.