UC Identity Management Conference Call - 4/8/2004 - Notes

Participants

• Mike Baptista, UCOP
• Bob Brandriff, UCOP
• Keith Chong, UCI
• Jacqueline Craig, UCOP
• Elazar Harel, UCSD
• Bruce James, UCOP
• Gabe Lawrence, UCSD
• Paul Main, UCI
• Brian Roode, UCI
  
• David Walker, UCOP
• David Wasley, UCOP
• Dana Watanabe, UCI
• Albert Wu, UCLA
  

Project Deliverables

• Mike Baptista mentioned that the business criteria we deliver will need to be reviewed by legal counsel.
• Gabe Lawrence asked about the relative importance of UCFY/YBO and CDL licensed resources.  David Walker will modify the the document to indicate that we will be creating an infrastructure that can be utilized by the CDL's vendors, but we will not deliver Shibboleth-based access to all CDL-licensed resources.
• We will add a deliverable stating that we will conduct a three-month evaluation of the project's success.
  
• Everyone agreed to write descriptions of their parts of the project by Tuesday, 4/13, and send them to David Walker.  He will combine them with the overall statement of deliverables and send them to the ITLC as the end-product of Phase I of our project.

The UCFY / YBO Implementation Plan

• Since UCFY and YBO already share authentication information, only UCFY will be "Shibbolized."  This means that people who want to access their benefits through this interface will need to navigate to UCFY from their campus web page (or portal), and then navigate to YBO.
• Mike Baptista pointed out that a project has just been initiated to make UCFY and YBO into a single application, so the two clicks needed to access benefits information will be temporary.

Policy-Related Issues

• None of the campuses have distributed descriptions of their identity management infrastructures to the group.  Jacqueline Craig and David Wasley will be distributing a template for these responses within the next couple of weeks.
• InCommon will be created this month.  David Wasley and Jacqueline will be working with InCommon to ensure that we stay aligned with that effort.
• Gabe Lawrence raised the issue of availability for the InCommon WAYF.  We agreed that we would bypass that WAYF for UCFY / YBO if it looks like availability or performance will be issues.
• The federal government (OMB and NIST) has been doing some good work recently with respect to assurance levels for identity management and authentication.  David Walker will post information on the project web site.

Other Issues

• UCSD has a functioning Shibboleth origin.  Gabe Lawrence asked if the campuses should join InQueue or wait for InCommon.  It was agreed that everyone should join InQueue and switch to InCommon when it is fully operational.
• UCLA has a functioning origin and has joined InQueue.
• UCI is working on their origin and has joined InQueue.
• Albert Wu asked if the origin should be run on redundant servers.  David Walker said that redundancy would not be a requirement, but that it's likely that we'll decide on some requirement for availability of the origins.  For this pilot, though, correct operation is more important than availability, since the current method for accessing UCFY and YBO will still work.