Untitled Document

SALSA NetAuth Conference Call February 3, 2005

*Action Items*
New
[AI] {Chris} will send a list of NetAuth WG accomplishments to the EDUCAUSE security practices group.
[AI] {Chris} will send a solicitation to list for topics to be added to the WG’s web site. – DONE!
[AI] {Chris} will post changes to Strategies document to the list.
[AI] {Kevin} will incorporate WG comments into the next draft of the Futures document and submit it to group.

Carry Over
[AI] {Chris} will solicit from the WG contributions about NetAuth vendor solutions currently being used.
[AI] {Mike} will provide a brief summary of ESnet collaborative trust domain commonalities.
[AI] {Individuals} will via the list send proposed topics for the Spring I2 member meeting in response to the call for proposal to the group.
[AI] {Individuals} will send in case studies for potential use in the Strategies document.
[AI] {Group} will review slides posted for EDUCAUSE regional group meeting.
[AI] {Group} will review information to be used as the appendix for the Strategies document.
[AI] {Chris} will find editors to help with the appendix of the Strategies document.
[AI] {Chris and Mark} will develop the NetAuth approach to NAT devices as a discussion topic for submission to the Effective Practices WG.
[AI] {Group} via the list will send suggestions for use cases augmenting the Strategies document.
[AI] {SteveO} will submit the Strategies document to the Internet2 document library once it is considered draft three.

*Participants*
Chris Misra, U. Massachusetts (chair)
Rich Cropp, Penn State University
Martin McCormick, Oklahoma State University
Kevin Amorin, Harvard University
Mike Wiseman, University of Toronto
Robert Lowe, Lawrence University
Klaas Wirenga, SURFnet
Mark Poepping, Carnegie Mellon University
Robert Brentrup, Dartmouth College
Terrie Clark, Internet2 (scribe)
Steve Olshansky, Internet2

*Discussion*

The draft outline of the Futures document has been presented to the group for discussion. The document has been published on the WG’s web site. It was discussed that the document will be modified in the following fashion:

- Incorporate comments about open source solutions,
- Provide a section in the document for Notification. This will become critical once NetAuth is launched into a Federated environment,
- Create a section for identity management once the Strategies document is complete,
- Update document to reflect a consistent taxonomy,
- Provide examples in addition to generic recommendations for implementations,
- Address potential challenges with legacy architecture, and
- Address architectural requirements for a modular solution.

The group also discussed NetAuth implementation in a federated environment. It is agreed that policy definition is required for notification to users authorized through an alien host. If the group provides a NetAuth solution for federated environments, then the remaining individual host institution issues will presumably be resolved as well. Stated differently, a federated NetAuth solution would by definition include solutions/recommendations for local institutions. Suggestions for addressing issues of NetAuth in a federated environment include similar treatment for guest users and resident users for virus alert/remediation, and separate access using VLANs and quarantine LANs. A suggested approach to the broader topic of NetAuth in federated environments is to begin defining requirements and then develop case studies. The NetAuth WG will address these issues.

There will be an FWNA BoF at the Joint Techs meeting in Salt Lake City this month. All NetAuth WG members are invited.

The group also discussed implementation of a wiki. It was decided to use the WG’s website and mailing list to collaborate until if and when an Internet2 wiki is implemented.

The next call is Thursday, February 17, 2005 at 12:00 PM ET. An agenda with the call in number will be sent out to the WG via the list prior to the call.