Logistics

Time: Monday, April 26 @ 12:00 pm Eastern (11:00 am Central)
Conference Bridge: (641) 715-3200 640123#
Attendees: Marvin, Scott, Jonathan, Susan, Eric, Andrew Petro
Absent: None!
Note Taker: Andrew Petro

Agenda

Roll Call; Choose Note Taker
Review Old Action Items
Review steering committee artifact openness (Andrew Petro)
1. These call notes are publicly available
2. CAS-steering-committee email list archives require authentication (and membership on the email list?) to access
Status of the Thing that Will Not Be Named
1. Andrew Petro has taken on coordinating this, since Scott has papers to finish
Multi-Factor Status
Organizing/publicizing CAS Community Calls
Releases
Apache 2 License
Volunteer Positions
Identifying other Clients to bring under the Jasig umbrella

Notes

Administrivia

Andrew Petro volunteered to take notes for this call.
Andrew Petro is at Internet2 Membership Meeting this week
ScottS becomes more available after Tuesday, when his paper is due

Old action items

ScottS completed road map but is still to document goals and mission statement

Review of openness characteristics of CAS steering committee communication mechanisms

The notes from these conference calls are publicly available
The archives of the cas-steering-committee@ email list are not

Addressing report of CSRF issue

This issue was generally discussed. Some of the salient points:

Andrew Petro leading this, since ScottS has his paper to write
Partial progress authoring response in private page in Jasig Confluence
Requires additional effort
Potentially requires coordination with the communities of similar projects
Andrew Petro to continue to draft response in private Confluence page in Jasig wiki
ScottS to review and add to this when he becomes available
Requires communication specifically with BK
Andrew Petro and ScottS to discuss after Tuesday when Scott turns in his paper
goal of publishing a response mid-May

Multifactor authentication in CAS

Discussion of Scott-Yale discussions to date, the availability of notes for these in the wiki, potential in eliciting wider discussions of this.

Discussion of relationship of these discussions and work to the Unicon-VASCO proof of concept integration work (basically, no relation).

Andrew Petro apparently missed the latest of these calls, wherein possibly shipping more specific VASCO support in CAS was discussed. Agreement on this call to launch additional email discussion of this idea.

Next step for this: another conference call once logistics for Scott to join not-from-Rutgers are addressed, likely in the next month.

CAS Community Calls

Discussion of issues in making people aware of the schedule for these calls, having enough lead time to prepare and become aware of an agenda. Potential in Jasig Bedework instance in helping with calendaring logistics. Andrew Petro's perspective that calendaring tooling isn't the biggest problem here.

Review of goals and current format for the calls, fostering collaboration,, discussion, participation, making people more aware of CAS progress.

Discussion of doing something more like the uPortal community calls in showcasing/marketing success with CAS.

Discussion of a hybrid format that would afford 15 minutes for a showcase presentation every-other call, with a 15 minute design/feature focus on the not-showcase calls, and continuing to use the 45 minute portion for the current review of progress, discussion of next steps, discussion forum format.

See Ideas for Showcase Pieces of Calls, below.

Jonathan Markow to focus on building Jasig membership numbers

Jonathan informed the committee that the Board has instructed him to focus over the next six months on building Jasig membership and commercial affiliate counts, which will necessarily involve less attention to internal project management and progress prodding efforts.

This led to the idea of adding to the next meeting's agenda discussion specifically of how to build Jasig membership and commercial affiliation in the context of Jasig CAS.

Action Items

DONE Andrew Petro to fix SusanBramhall access to private-to-committee page
ScottS to review completeness of road map document and document goals and mission statement
Andrew Petro leading response on "we think CAS is insecure because it amounts to bearer credentials authentication" issue
Launch discussion of shipping VASCO authentication handler support in CAS. (Andrew Petro and ScottS particularly interested)
ScottS to "schedule" (date is already set, needs a time of day he can make?) and announce next CAS community call, including on email list and on Jasig CAS website. Bonus points for sending a calendar event addable to one's calendar of choice!
To discuss on next call: How to sell Jasig membership and commercial affiliations to CAS adopters and integrators. Jonathan Markow to add this to next call's agenda.

Ideas for Showcase Pieces of Calls

The idea of collecting these ideas was discussed on the CAS steering call, but not the actual ideas. This add-on to the page is to collect some of these ideas as an outcome from this call and input to the next steering committee meeting and/or further discussion.

Ideas for showcase pieces of calls (would need to convince presenters to be willing to present, none of these presenters have been approached yet at this brainstorming topic ideas phase):

a call with CAS's extensible Web flow as its theme, hearing from Adam Rybicki, Unicon clients, others who have successfully customized the login web flow
asking Unicon/Cisco to present on their use of Jasig CAS in the Workforce Retraining Initiative site (including CAS-Shibboleth integration)
a call with multi-factor authentication as its theme, with Yale/Scott summarizing discussion to date, review of what Berkeley is doing along these lines in production, and focusing the discussion piece of the call on interest in and plans for multifactor authentication support in CAS
Bill Thompson on bringing proxy CAS support to Liferay and/or on a more modern, secure, and elegant approach to CASifying Outlook Web Access.

Browser not supported