Re: [id-cloud] Minutes from ID-Cloud TC Telecon 9 Aug 2010 (draft)

[Anil Saldhana <Anil.Saldhana@redhat.com>]

  Membership status changes:
Gained Voting Rights:
Travis Yoes  Symplified

Lost Voting Rights:
Peter Brown, Individual
Tim Christin Axciom
James Ducharme, Aveksa
Kelvin Lawrence (IBM)
Dale Olds (Novell)


On 08/11/2010 01:46 PM, Thomas Hardjono wrote:
> Folks,
>
> Here are the minutes from the ID-Cloud TC this week.
> Apologies if I missed some discussion threads.
>
> /thomas/
>
> ________________________
>
>
> Oasis ID-Cloud TC Meeting Minutes (9 August 2010)
> -------------------------------------------------
>
> [Notation:  Q = question; A = answer; C = comment]
>
>
> (1) Roll Call and Agenda Review
>
> 2) Request Minute Taker
> - Thomas Hardjono minute taker.
>
> 3) Approval of July 26th TC Meeting Minutes
> http://lists.oasis-open.org/archives/id-cloud/201008/msg00001.html
>
> - Motion to accept the minutes:  Gershon Janssen.
> - Second:  Jerry Smith.
> - No objections. Motion passes.
>
>
> 4) SAP Submission of use case
>
> http://www.oasis-open.org/committees/download.php/38594/Enterprise%20P
> urchasing%20Use%20Case.pdf
>
> - The group went through the slide presentation by Martin Raepple
> (SAP).
>    + From the last slide: Challenges
>
>      o How will Company A enable SSO (steps 1, 4 and 10)
>        between its identity provider and the services in the
>        public cloud?
>
>      o How does the Supplier Online Shop know about
>        Company A's employee/manager permissions when
>        placing or approving an order (steps 3 and 5)?
>
>      o How is the controller's identity in the Supplier Online
>        Shop propagated when requesting data through
>        RESTful APIs from the on-premise CRM system (step 9)
>        and uploading/analyzing the data (step 10) in the
>        on-demand BI system?
>
>
> - C: Brian Marshall: commented that this is very good use-case.
>
> - Q: Anil: Do you need to perform directory synchronization
>       in this use-case.
>
>    A: Martin: Depends on the requirements.
>       + Anil:  suggest it would be good if this SAP use-case
>         could be tied into the Just-In-Time (JIT) use-case from
>         Patrick/Ping a couple of weeks ago.
>
> - C: Martin:
>    + There is a connection between on-premise and on-demand systems.
>    + There is a lack of standards to propagate SSO/Identity
>      across these systems.
>
>
> - Q: Thomas: challenge #1 (in last slide) is classic SSO.
>       Why not use SAML SSO profile?
>
>    A: Martin: Yes, we could do that but we still need
>       Identity to be recognized cross-organization.
>
>    C: Anil: SSO is common in many/all of our use-cases.
>
>
> - Q: Anil: Anil had a question about APIs
>    + Last time, Patrick/Ping agreed to champion this
>      topic (i.e APIs) on the mail-list.
>
>    A: Martin: Here API is used in general terms.
>       - The SP is assumed to be in the cloud.
>       - Today it has no specific (standard) APIs
>       - The question is how to do SSO and Identity Mapping
>         using RESTful APIs.
>
>    C: Anil: noted that Anil recently saw a financial
>       institution providing RESTful APIs for credit-card services.
>
>
> - Use-cases document: collect all the use-cases in one document.
>    o Matt/IBM asked if there was a Template.
>    o Anil will email Oasis-admin to see if Oasis has preferred
> template.
>    o Matt and Thomas signed-up to be editor.
>    o Desirable to have this use-case draft doc completed prior
>      to the F2F in September in DC
>
> - C: Colin Wallis suggested we need to have an
>    architecture approach to clarify our discussions.
>       o Colin asked if we should work on such an architecture
>       o The architecture will have direct impact on our solution(s).
>
>    A: Anil: the ID-cloud Charter states that the
>       deliverables are uses-cases, profiles, and gap-identification.
>       o We can work further on this at the F2F in September.
>
>
> 5) IDCloud F2F at Washington DC (September 29th)
>
> - Q: Brian: We should have an proposed agenda for the F2F meeting.
>       o Summarize (summary of) all our use-cases.
>       o Understand the common problems.
>       o For example, in the case of Directory Synchronization
>         we still need to hash thing out.
>
>    A: Anil: asks Brian to champion this item (Directory
>       Synchronization) on the mailing-list.
>
>
> - C: Matt: noted that there still is some "anti-provisioning"
> sentiment.
>       o Matt suggests we look closely at the SPML TC work in Oasis.
>
>    C:  Richard/Skyworth: There was a very recent email
>        from Mary/Oasis about reconvening the SPML TC.
>        o Many aspects of SPML may be suitable for the needs
>          of the cloud environment.
>
>    C: Matt: agrees, and noted that we may borrow some of the
>       use-cases from the SPML TC work.
>
>    C: Richard: some items/issues (eg. dir synchronization) is
>       not addressed by SPML TC.
>
> - Anil: We still need a more detailed use-case relating
>    to directory synchronization
>
>    C: Richard: promises to submit a use-case on directory
>       synchronization.
>
>    A: Anil: Another person (?) in ID-cloud TC has also expressed
>       interest in provisioning.
>
>
> - Anil: will post more info about the F2F meeting and bridge number.
>
>
>
> 6) Continuation of discussions on Audit, API and JIT User
> Account Management. (Optional Discussion)
>
>
> 7) Other Business.
>
> 8) Adjourn
>     Motion to adjourn: Tom Bishop/Conformity.
>     Seconded: Gershon Janssen.
>
>
> ----------------------------------
> soaphub dump:
>
> anonymous morphed into David Kern (IBM)
> AnilSaldhana_RedHat1 morphed into AnilSaldhana_RedHat
> anonymous morphed into Richard Sand (Skyworth TTG)
> anonymous morphed into Martin Raepple
> anonymous1 morphed into Travis Yoes (Symplified)
> anonymous11 morphed into Michael Stiefel
> Colin Wallis1: Colin from NZ is here..
> AnilSaldhana_RedHat: Hi Colin.  It must be 6am for you?
> Colin Wallis1: yes..
> John Bradley1: Benny Koren (Mellanox)  I got you for the roll
> AnilSaldhana_RedHat: John, I hope you got Travis
> Thomas Hardjono (MIT): Minutes: Motion by Gershon Janssen. Seconded by
> Jerry Smith. No objection. Motion passes.
> Travis Yoes (Symplified): Hi John, I dropped from the call during roll
> call but I am here
> John Bradley: I have Travis.
> John Bradley: The current attendance list Andy Kindred        Acxiom
> Group Member
> Jeffrey Broberg     CA*       Group Member
> Tom Bishop          Conformity          Group Member
> Robert Cope         Homeland Security Consultants Group Member
> David Kern          IBM       Group Member
> Matthew Rutkowski   IBM       Group Member
> John Bradley        Individual          Group Member
> Gershon Janssen     Individual          Group Member
> Michael Stiefel*    Individual          Group Member
> Thomas Hardjono     M.I.T.    Group Member
> Benny Koren         Mellanox Technologies         Group Member
> Anthony Nadalin     Microsoft Corporation         Group Member
> Colin Wallis        New Zealand Government        Group Member
> Anil Saldhana       Red Hat   Group Member
> Bill Becker         SafeNet, Inc.       Group Member
> Martin Raepple      SAP AG*   Group Member
> Richard Sand        Skyworth TTG Holdings Limited Group Member
> Travis Yoes         Symplified          Group Member
> Kyle Austin         TriCipher, Inc.     Group Member
> Jerry Smith         US Department of Defense (DoD)*         Group
> Member
> Brian Marshall      Vanguard Integrity Professionals        Group
> Member
> Daniel Turissini    WidePoint Corporation         Group Member
> Colin Wallis1: Would you propagate Identies? Perhaps instead use an
> agreed authoritative source?
> Colin Wallis1: Brian..alternatives to Directory synchronisation sounds
> like an architectural approach discussion to me,,