Submitted by [https://www.clarin.eu/user/1937 Martin  Matthiesen] on 11 December 2013           

Clarin [https://www.clarin.eu/glossary#AAI AAI] Taskforce meeting 29.11.2013 11:00 -- 12:05 CET[[BR]] 	Present: Daan Broeder, Dieter van Uytcank (MPI), Lene Offersgaard  (UCPH), Oliver Schonefeld (IDS), Kai Zimmer (BBAW), Martin Matthiesen  (CSC, secretary)[[BR]][[BR]] 	1) Meeting formalities[[BR]][[BR]] 	The meeting started at 11:00 CET. No changes were proposed to the agenda, Martin was chosen secretary[[BR]] 	 [[BR]] 	2) Status of the SPF[[BR]][[BR]] 	Czech (Charles University Prague) has not signed the SPF amendment to move power of attorney.[[BR]] 	Copenhagen University has technically joined the SPF but cannot formally because of the unclear power of attorney.[[BR]] 	Dieter is working on the issue and tries to get Prague to sign.[[BR]] 	Metadatasharing within the SPF is not working as it should, we agreed on improvements under point 5.[[BR]] 	The Finnish !IdPs work with the SPF as do most of the Dutch !IdPs. The situation in Germany is still problematic.[[BR]][[BR]] 	3) Implementing the CoC wihtin the SPF[[BR]][[BR]] 	After lively discussion we agreed on the following:[[BR]][[BR]] 	* Clarin recommends the implementation of the DP-CoC https://refeds.terena.org/index.php/Data_protection_coc to all associated Service Providers and Identity Providers.[[BR]] 	* The CoC will be a future requirement for Clarin Centers and incorporated into the next revision of the Center requirements (http://www.clarin.eu/content/center-requirements-revised-version). Martin and Oliver will provide a draft amendment.[[BR]] 	* The main goal of this Taskforce is to make interoperability work  between SPs and !IdPs.  While we support the CoC, this Taskforce will  concentrate on making the SPF work (getting SPs on board, ensuring  proper attribute release). This means in practice that our first goal is  to get the national !IdPs to release proper attributes to the respective  SPs. If we can achieve that short-term goal without the CoC, we will do  so to get the SPF working. That should not stop individual centers from  pushing the CoC, eg. DFN-AAI has expressed interest in pushing the CoC  and Martin is in contact with Wolfgang Pempe on this.[[BR]][[BR]] 	4) Statement for http://www.geant.net/MediaCentreEvents/news/Pages/International_User_Advisory_Committee.aspx [[BR]][[BR]] 	Dieter is preparing a draft. There was complete agreement in this group  that the most problematic issue in EduGAIN is the Opt-In prodecure for  !IdPs and SPs to join. This leads to the well known problem of SPs not  able to offer logins and/or not being able to get attributes.[[BR]][[BR]] 	5) Streamlining of SPF metadata matters (Oliver)[[BR]][[BR]] 	The SPF metadata process is outdated at the moment. Clarin [https://www.clarin.eu/glossary#ERIC ERIC]  will get funding for a person responsible to act as a broker between  the SPs and the different IDFs. We agreed to change the metadata process  as outlined by Oliver:[[BR]][[BR]] 	1) [https://www.clarin.eu/glossary#SP SP] admin add/delete/change their SP metadata in the CLARIN SVN in the appropiate file ![1].[[BR]] 	2) SP admin make sure, they did not break the SP metadata by validating it with the [https://www.clarin.eu/glossary#SAML SAML] metadata validator ![3]. Of course, if errors pop up, they fix them.[[BR]] 	3) SP admin notifies the SPF proxy by creating a ticket in CLARIN TRAC.  This ticket includes the entityID of the entity that was  added/deleted/changed and[[BR]] 	   is put in the proper queue (= component) for TRAC to automatically assign it to the SPF proxy[[BR]] 	4) SPF proxy pushes metadata to federation and keeps track of actions  in the ticket. Once the metadata change is completed, the ticket is  closed by the SPF proxy.[[BR]][[BR]] 	In case of problems with the federation, e.g. logins from specific IDPs  don't work, the SP admin first tries to diagnose the problem on their[[BR]] 	own (e.g. by checking if the federation has the correct and up-to-date  metadata). If problems persist, SP admins opens a ticket in the SPF[[BR]] 	queue and together with the SPF proxy try to resolve the problem.[[BR]][[BR]] 	About metadata completeness: SP admins are required to put in as  complete metadata as possible. mdui extensions and  <!RequestedAttribute >[[BR]] 	elements are encouraged. English translations of descriptions, etc are mandatory.[[BR]][[BR]] 	Of course, this workflow need to be documented; probably on the SPF pages.[[BR]][[BR]] 	5) End of meeting[[BR]][[BR]] 	The meeting ended at 12:05 CET.[[BR]][[BR]] 	6) Next meeting[[BR]][[BR]] 	We agreed to meet again in January 2014. Martin will send invitations.