Jump to: navigation, search

01.26.2007 F2F Agenda

Agenda for Higgins face-to-face meeting in Provo, Utah, January (23), 24-26, 2007.

Location Novell's office. 1800 South Novell Place, Provo, UT 84606, (801) 861-7000

The event will start Wednesday January 24th at 1:00 and end Friday, January 26th at mid day.

Hotel Several of us are staying at the Conference Center in Provo map.

There are also a few hotels within walking distance (may have to deal with snow though) The markers are off. From left to right,

  • The La Quinta is across the street (west) and has a visible swimming pool.
  • The Fairfield has a blue roof
  • The Hampton is next to (east) of the Fairfield
  • The Sleep Inn is next to (northeast) of the Hampton

Weather Dress warm. It may be cold.

Pre-meetings (build issues) Jan 23-24

  • Working build clean-up meetings.
    • Tuesday, January 23rd 1:00 pm - 6:00 pm Building H 5th floor
    • Wednesday, January 24th 9:00 am - 12:00 pm Building H 1st floor
    • Novell team will escort from lobby. If late call 801 380 8760

Expected Attendees

  • Dale Olds
  • Jim Sermersheim
  • Mary Ruddy
  • Mike McIntosh
  • Paul Trevithick
  • Tom Doman
  • Tony Nadalin
  • Duane Buss
  • Daniel Sanders
  • Nataraj Nagaratnam
  • George Stanchev

Agenda for build issues meeting

Notes are in bold

  • Define developer's experiences (use cases). Something like:
    • Getting code from CVS:
      • Using Eclipse
        • anon and committer psf files (at least one anon and committer per component) must be kept up to date. (Component owner & Paul as taskmaster)
          • would be good to have the ability to upload psf files to the wiki, but nothing easy in place yet. (tabled for now)
      • Using other CVS tools
        • Document URL's to each project/component (Component owner & Paul as taskmaster)
        • Combine all CVS stuff into a source
    • Build steps
      • General build requirements (Mike and Jim will chip away at this)
        • Able to manage from within eclipse without dual editing build files
        • Able to build from the command line
        • Should be no absolute class names
        • Shouldn't require eclipse-specific jar files (only stated dependencies)
        • Should build when eclipse is not installed
        • What targets are required?
          • jar for any consumable component
          • war file for WS deployable components
          • debug versus binary
          • javadoc
          • eclipse plugin target
            • this probably requires ecplise to be deployed -- hopefully this can just be a target that is selectable
      • Build prerequisites
        • Gathering dependencies
        • Setting up environment (incl. env variables)
      • Building in Eclipse
        • Using Eclipse build
        • Using ant inside eclipse
      • Building from the console
  • Standards for consistent developer builds (Paul reorganizing component page)
    • Do we need to support all the use cases above?
    • Instructions for getting code
    • Instructions and/or scripts for build prerequisites
    • Instructions on building
    • Is the output the same as the nightly build? (Jar file naming, Jar file versioning, Javadoc copyright)
      • yes
  • Project Packaging and Terminology Component owners)
    • Packages versus Projects
      • Should each different package be it's own project, or should a project contain multiple related package?
        • i.e. Why are there multiple IdAS projects?
        • projects are based on architecture
        • plugins have to their own projects
        • unit tests should be their own project'
  • Dependencies
    • Delivery/Distribution (how do people get them?)
      • Put them in CVS
        • The hope is that we can integrate this into the standardized build system. Hopefully we can build eclipse projects for the dependencies, and refer to those. (Mike and Jim can try to look into this. Paul referred to Orbit)
    • Placement for builds
      • see above
      • Do we require additional Eclipse plugins?
        • see above
  • Review Nightly build needs
    • Jar file naming
      • This is a side-effect of the way we name our eclipse projects
      • We could either change our eclipse UI project names to be short names, or look for some kind of eclipse setting to let us control the jar file names
        • Proposal is to name like higgins-<component>.jar (Component owners)
        • Side topic is re-alignment in cvs (higgins versus trust framework) (Mary)
    • Jar file versioning
      • filename should have version numbers
        • revision version # only updates when an update breaks an older application
          • Dale wants to reflect any change in the name
        • review eclipse guidelines for this (Tom)
    • War file delivery
      • War file includes dependencies
        • Mike needs to walk thru the steps to list dependencies, will list the dependencies. Mary will then run them through IPZilla (Mike)
    • Review Javadoc copyright
      • We should seek guidance from eclipse (Mary)
  • Delivery of released deliveries.
    • What's the criteria for calling something a "release"
      • Generally tied to milestones
      • Component owner updates release number
      • We don't have a release yet
  • Requirements for package-managed builds
    • Eclipse update manager
      • Need to do this before we release
    • RPMs
    • JPackage

Main Meeting Jan 24-26

Expected Attendees

  1. Abhi Shelat (IBM)
  2. Dale Olds (Novell)
  3. Daniel Sanders (Novell)
  4. Duane Buss (Novell)
  5. Jim Sermersheim (Novell)
  6. Igor Tsinman (Parity)
  7. Mary Ruddy (SocialPhysics, Parity)
  8. Maxim Kopeyka (Parity)
  9. Mike McIntosh (IBM)
  10. Nataraj Nagaratnam (IBM)
  11. Paul Trevithick (SocialPhysics, Parity)
  12. Pete Rowley (Red Hat)
  13. Tom Doman (Novell)
  14. Tony Nadalin (IBM)
  15. George Stanchev (SERENA)
  16. Patrick Felsted (Novell)
  17. <add your name>

Wednesday Agenda

Noon: Development Processes & Stds [30 min]

  • Review/Summarize results of "Build Day" [Jim]
  • Component Owner responsibilities [Paul]
    • maintain automatic (nightly) builds
    • maintain all columns in your "row" here: Components (javadoc, psfs, etc)
    • maintain "to-do" list for each component
    • guarantee quality though unit tests and other quality assurance techniques
  • Moving all Higgins interfaces/APIs back to JVM 1.4 [Tony]

12:30pm-2pm (break for policy session and resume continuing into Thursday) IdAS [Jim: total 4-5 hours]

  • org.eclipse.higgins.idas.model refactoring (2 hours)
    • We're adding the APIs in 171295. Is there anything else we need them for (getMetadataModel)?
    • Should the interfaces in the model package be used to produce instances of context data (digital subjects, attributes, filters, modification lists, etc.)?
      • Jim will research -- document current thoughts, send to Valery
    • Adding matching rules to the model
      • This overlaps some of the Data Model discussions below
      • Attributes should list the comparators they support 171312
        • Still need to make sure this can be represented in Higgins.owl, and CP owls. Paul thinks it can be
      • Comparators should specify the assertion value required
        • Daniel suggests allowing multiple assertion types
  • IFilter refactoring (1 hour)
    • String representations of filters 171328
    • How to do substring and other matching rules which require non-standard attribute assertions 171331 and msg01394
    • Do comparators need to be represented as an interface?
    • Still need to review IdAS filters in terms of usefulness and consistency as applied to other Higgins components which have the notion of a filter
  • Review AuthN*Materials
    • Raj want to migrate toward a jaas model -- has an issue with AuthNFilterMaterials object. Raj will start a thread on the dev list
  • Update operation refactoring 167978 (1 hour)
    • API atomicity for joining providers 171296
      • propose to the list a way of specifying IdAS user's preference as to whether atomicity semantics are required, preferred, or not cared about
      • We also need to document what atomicity means on a per-operation basis
    • Adding a new Digital Subject to the backing store
    • Creating new attributes and values for new and existing Digital Subject
    • Modifying existing Digital Subject
      • Adding, replacing, and removing attributes 171297

3pm: Privacy/Data Policies [2 hrs]

Part 1: Mary Rundle's presentation [Mary Rundle 1 hr]

  • Can Higgins use Creative Commons-like icons to help the identity management infrastructure to honor international rules for personal data protection?

Part 2: Higgins Privacy/Data Policies [Duane, Tony 1 hr]

  • Develop the Higgins' roadmap in this area
  • Semantics clarifications. Define and perhaps build taxonomies of these:
    • Polcy
    • Configuration
    • Metadata
  • RP Security Policy
    • Is the goal Higgins policy = [MSFT CardSpace policy + Idemix]? More than this?
    • Relationship to other efforts (e.g. Liberty/CARML)?
  • User's data privacy policy --not sure what the term for this is
    • e.g. Mary Rundle's ideas (from Berkman Center) based on international data protection law
  • Identity Provider policy --not sure what the term for this is
    • Relationship to Liberty/AAPML
  • Icons for User Data Protection Policies [Mary Rundle 60 minutes]

Thursday

9:00AM: Principles of Identity Paper update [Gerry(phone) 15 min]

  • Conference call: phone: 866-649-4267 passcode: 7884544

9:15AM: Continuation of IdAS Discussion (see above) [2+ hours]

  • Import/Export issues 171298 and 171301
    • Comments added to bugs
  • Relationship Issues 171304
    • Comments added to bugs

11AM: Data Model & Related Topics [Paul 60 min]

  • Review model accessor API's
    • propose one way to access model (Through IContext) (pass a type URI to a method which will return the appropriate I*Model instance), all IdAS interfaces can navigate back to containing context)
  • Valery's Display Data Proposal and discussion
    • Motivation for "in-context" metadata vs. "external" metadata
    • Semantics of display metadata
  • Relaxing the OWL-DL constraint
    • Allow us to define our own kinds of Classes (e.g. for LDAP AUX classes, etc.)
    • Allow us to better "type" attribute data values (e.g. phone number masks (xxx)-xxx-xxxx) using XML Schema (I think)
  • "Well known Contexts"
    • Paul's unusual and possibly misguided ideas about how some kinds of identifiers (e.g. email, telephone numbers) should be modeled
  • IdentitySchemas.org update

Noon: Lunch with Phil

1:30pm: OSIS and Interoperability [Paul 30 min]

2pm: Registry Issues [Jim, Tom: 1.5 hours]

  • Status summary [IdAS_Registry_and_Configuration], 171291, and 164048
    • some notes in bugs
  • General Registry thoughts msg01249
  • need to rename ContextRef to ContextID
  • How is the Context ID passed through the card/RST, through the STS, and into the IdAS registry?
    • we could stop using the cardID to cary the contextID
      • In the card, can add the contextID to a subelement of the the card's metadata wsa:endpointReference element (reference parameter) -- or it might need to be placed in a subelement of the the card's token service wsa:endpointReference element (reference parameter)
      • the end result is moving the contextID out of the cardID in a way that it can travel thru the RST into the STS
  • IdAS and CP needs
    • Configuration
    • "Usable" contextID
      • Paul mentions possibly using XRIs coupled with resolvable XRDS data (XRDS data can contain configuration data)
      • Another possibility could make use of WS-Addressing
      • The ContextID could be made up of an XRI which can be viewed as having two parts
        • First part is resolvable to an XRDS (or some other standard) file or data.
        • Second part resolves to a node in that file (data set)
        • Paul thinks this is no different from breaking all the nodes into their own files, thereby each contextID would only be seen as a single-part entity
        • Can the XRI be viewed in the two-part way, where the first part is missing, and when missing, this file is known(configured) by the IdASRegistry?
  • Other Registry needs?

3:30pm: OpenID Context Provider [Dale, Tom, Jim 30 min]

  • Conference call: phone: 866-649-4267 passcode: 7884544
  • Implementation options (alternative use cases we could support)
  • Call in segment with Dave Recordon on West Coast

4:00pm: ISS Client UI [Dale 30 min]

  • Bootstrapping option [Dale]
  • Eclipse RCP vs. ??
  • Platform/tool/runtime issues [Paul]
  • Potential for collaboration with Ian Brown (developer of the Safari selector) [Paul]

4:30: SAML Context Provider [Dale, Tom, Jim 30 min]

  • Interest in creating this?
  • Help from OpenSSO project
  • Resources?

Friday

9:00AM: HBX: I-Card/Identity Selector [Abhi 30 min]

  • Additional local folks may join us for this segment - Conference call: phone: 866-649-4267 passcode: 7884544
  • Demo ????
  • Discussion of threat model to running the card selector in the browser itself

9:30AM: ITU demo discussion [Tony 60 min]

10:30AM: Higgins' and other Communities [Mary 60 min]

  • A discussion whose proposed outcome is a wiki page characterizing the Higgins project's relationships with other communities.
  • See draft here: Related Communities

IP update [Mary 20 min]

Milestone 0.7 Progress/Review [Paul 15 min]

  • Step through each component and get an update (even if the update is "stuck in IPzilla process")

Next Steps Wrapup

See Also