UC Identity Management Conference Call
- 9/3/2004 - Notes
Participants
- Jacqueline Craig, UCOP
- Elazar Harel, UCSD
- Gabe Lawrence, UCSD
- Paul Main, UCI
- Datta Mahabalagiri, UCLA
- David Walker, UCOP
- David Wasley, UCOP
Implementation Status
We're almost there for an
ITLC demo on Wednesday, 9/8.
- Paul (UCI) is working on a certificate trust issue with
Mitesh. If he configures his Attribute Authority not to check
Mitesh's SHAR's certificate, it works.
- Datta (UCLA) and Gabe (UCSD) are working on getting UCnetID
released to UCFY. They don't, however, seem to be having the
certificate trust issue. Gabe and Elazar hope to be able to
demonstrate using Blink to check leave accrual and then linking
directly to UCFY.
Presentation to the ITLC
The draft presentation was discussed:
- We will add bullets for future applications, particularly library
and the new effort reporting and budget systems.
- We add a bullet saying that we will be producing documentation to
help deployment of Shibboleth. Managing certificates, as we have
seen, is tricky.
- We will say that we will move to InCommon before putting UCFY
into production.
- We will want to demonstrate what we've done at a future COVCA
meeting.
Elazar will make sure we have the right hardware for the ITLC
demonstration. Paul and Datta will make sure that someone
attending
the meeting from their campus will know how to demonstrate access.
Status of InCommon Memberships
- UCI has joined and is in the process of registering its origin.
- UCOP has joined but has not yet registered an origin.
- UCLA and UCSD are in the process of joining.
Log Retention
Jacqueline Craig, Mike Baptista, and David Walker met yesterday with
Karl Heins of Internal Audit and Connie Williams of Records Management
to discuss standards for log retention.
- There is a general issue of log retention for online
services. We concentrated, though, on logs relating to
authentication.
- It was agreed that authentication/Shibboleth logs should be
treated as University records and, therefore, have a retention
period. Various periods were discussed, from 30 days to a
year. A specific retention period, however, would be the result
of input from various University groups as part of the vetting process
- Gabe asked if there was discussion of what information would be
required to be in the logs. While there was some discussion, it
wasn't that specific. We agreed that that should be part of the
requirements statement.
Future Calls
The consensus was to return to our "every other Wednesday" schedule,
but there are conflicts during the next few weeks. I propose that
our next meeting be:
Date
and Time: Friday, 9/17/2004, 10:00-11:00
Call-in Number: 866-740-1260
Access
Code: 9870500
Starting on Wednesday, 10/6/2004, we can return to having calls every
other Wednesday between 9:00-10:00. Everyone, please speak up if
this doesn't work for you.
David
Walker - 9/3/2004