10:00 Introductions.
10:10 Round-table discussion of identity proofing practices. What forms of identification do you require? How do you link registration to identification (e.g., hiring, admission)?
11:00 Status of UCTrust applications (AYSO, HRLMS, Connexxus travel portal).
11:30 UCTrust metadata management. See "Ensuring the Validity and Correctness of UCTrust Security Information" under "UCTrust Metadata Management" at http://www.ucop.edu/irc/advtech/UCTrustWG/index.html. I'll be asking to remove the "draft" designation from the document, as well as volunteers to be Initiators and Certifiers, as described in the document.
12:00 Lunch and PGP key signing party. As many of you know, the UCITPS and UCSIRC have started a process of sharing PGP keys that I would like to extend to our group to enable authenticated electronic mail for announcements of new members, policy/procedure changes, etc. Please bring a photo ID that would meet UCTrust Basic's in-person registration requirement, as well as slips of paper with your name, electronic mail address, and PGP fingerprint. I've attached a note from Steve Lau to UCITPS as background.
1:00 Status of InCommon's Bronze and Silver assurance levels, their relationship to UCTrust's Campus and Basic, and what it means for future revisions to our UCTrust policy document.
1:30 Application design issues yet again: 1) UI issues in the flow of browser redirects from a campus portal through the WAYF and IdP to the SP, 2) logout processing.
2:30 Activity plan for 2008. We're over the hump with respect to UCTrust certification. What should we be looking toward next?
3:00 Adjourn.