Jan 29-31 Provo F2F Agenda
Higgins face-to-face meeting in Provo, Utah, January 29-31, 2008.
Logistics
- Location: Executive Briefing Room 1, Building H, Novell's office. 1800 South Novell Place, Provo, UT 84606, (801) 861-7000, map
- After you enter building H, the executive briefing rooms are through glass doors on your right.
- Call Jim at 801 380 8760 if you have any problems.
- Time: The event will start Tuesday at 9:00 AM and end Thursday at noon.
- A continental breakfast will be available starting at 8:30 AM
- For early-comers and late-leavers, we're planning one or more ski days. See the ski poll
- Hotel: Several of us are staying at the Marriott Conference Center in Provo (Map). There are also a few hotels within walking distance (may have to deal with snow though)
- Weather: Dress warmly. It may be cold.
- Getting there: Most people fly into the SLC airport and drive to Provo. Here are directions from SLC International Airport to Novell.
Expected Attendees
- Dale Olds - Novell
- Jim Sermersheim - Novell
- Mary Ruddy - SocialPhysics/Parity
- Paul Trevithick - SocialPhysics/Parity
- Tony Nadalin - Bandit
- Tom Doman - Novell
- Daniel Sanders - Novell
- Phil Hunt - Oracle
- Drummond Reed - Cordance/Parity
- Andy Hodgkinson - Novell
- Duane Buss
- Michael McIntosh - IBM
- Markus Sabadello - Parity
- Carl Binding - IBM
- Uppili Srinivasan - Oracle
- George Stanchev - Serena
- Anthony Bussani - IBM
Attending by Phone (888-457-5984, passcode 5849826). Alert us on #higgins IRC for agenda items you wish to join for:
- Brian Carroll - Serena
- Paula Austel - IBM
- David Primmer - Google (for session on STS IdP + SAML IdP refactoring)
- Bruce Rich - IBM
- Greg Byrd - IBM (for configuration discussion, possibly more)
Tuesday
NOTES ON THE AGENDA PROCESS
The agenda as proposed on this wiki page is just a place to start. Usually we rearrange and adjust the topics as the meeting progresses. We take notes right in this wiki page. If a topic includes a demo, its title line is marked "[DEMO]". If the topic can't be moved, there should be a bullet.
We will track at least the agenda on the #Higgins IRC channel. If you wish to call in for an agenda item, please let us know on the #higgins IRC channel and we'll set up a conference bridge. The conference bridge number will be 888-457-5984, passcode 5849826.
9:00-9:20 Welcome, Introductions, Logistics [Jim, Paul, Mary, (Dale)]
- Introductions
- Eclipse ground rules
- Logistics
- We will post the current agenda item to #higgins
- Need IRC Scribes: Mike and Jim volunteered
- Will take notes onto this Wiki
- Need Wiki Scribes (we'll decide per session)
9:30 [2:20 hrs] IdAS & IGF Design [Jim and Phil]
11:50 [15min] Higgins 1.0 Release Plans [Mary]
- Review of 1.0 bug list
- Status of IP Review – IP Log accepted
- Status of Release Review
- Have OK to hold review
- Tentatively scheduled for Feb 13
- First draft slides due 1/30
- Final slides due 1/3
- Final slides posted by EMO on 1/6
- Can release if get OK at release review (no more waiting period)
- Possible Eclipse announcement date – Feb 20
- Status of "graduation from incubation" review - Revisit this after complete Release Review and 1.1 planning
- Eclipse Quality page
Lunch
1pm Tuesday Afternoon
[15min] Introduction to Higgins [Paul]
- As we move towards paying more attention to documentation and technical marketing of what we've already done, we need to find a way to divide Higgins into logical pieces.
- Paul will introduce the new three layer model (See Solutions)
- Paul will then focus on the "new/old" bottom layer: (see Higgins Global Graph)
[10min] API Extensibility [Jim]
- Now that we've decided to consider Higgins APIs "provisional" (see <insert link>) this issue is something that we can keep working on over time.
- Jim presents requirements
- Differing proposals are at IdAS API Extensibility
- Are we going to use deprecation?
- We're pushing this beyond 1.0, and tentatively pushing this agenda topic to a later slot.
[1hr] IdAS and the Higgins Data Model; Open Issues [Jim]
- Background: Higgins Data Model
- Issues are tracked at Data Model Open Issues#General
- Covered "mixed attribute values" and "Closed or Open Simple data types" but didn't really get a lot of resolution.
- Still need to talk about other two issues
3:00pm 15 min break
3:15pm [30min] HOWL and the Higgins Data Model; Proposed update [Paul]
- For background, here is the existing howl:HOWL
- Review of proposed changes to higgins.owl: HOWL Update
- New higgins.owl
- Person.owl Example
4:10pm [15min] Higgins on Android [Tony, Paul]
- IBM
- IBM's CES Demo
- Parity
- [5min] Parity's work
- WebKit limitations
- JavaScript injection approach
- Challenges/Issues
- Wishlist
- Starting an Android work area within Higgins?
- IP issues around Android
- Contributions
4:20pm [10min] DEMO: Eclipse-based Selector [Mike]
- Solution: Eclipse-based Selector Solution
- Installation on Windows with IE
- Sign in to RP site
4:30pm [45min+] Higgins Selector Selector [Mike, Paul]
- Intro: Read http://www.incontextblog.com/?p=17
- Platform-independent architecture:
- Discussion of the design
- See diagram on slide #7 here: <missing link>
- See also Higgins Platform Support notation proposal
[5min] Report on Java Impl Selector Performance Issues [Paul]
[15min] DEMO: Client-based Selector "DigitalMe" [Andy]
- Demo
- Current status
- Integration of next-gen HBX and Higgins Selector Selector ??
- Documentation
- Harmonization of Bandit site
- Roadmap
9:00am Wednesday Morning
[45min] Selector UIs [Tony?, Andy?]
- Higgins is blessed(!) with multiple i-card selector UIs:
- GTK-based "DigitalMe" on Linux
- Cocoa-based "DigitalMe" on OSX
- RCP-based
- Firefox-embedded (requires hosted I-Card svc)
- AIR-based (requires hosted I-Card svc)
- Need to reduce the number of parallel implementations
- Need to converge on a common UI
- Document the steps in any login process where: (trying for "common enough" here)
- The user needs to make a decision (e.g. to operate a control)
- What information is needed by the user to make the decision
- Where this information comes from
- What is at risk if such a choice is hidden from the user, e.g. by user preference
- Need to improve the UI
- What about http://wiki.eclipse.org/User_Interface_Best_Practices_Working_Group
9:45AM [15 min] [DEMO] AIR-based Selector Demo [Jeesmon]
- [3 min] HBX/Firefox Demo [Paul]
- [12 min] HBX/IE AIR web-based Selector Demo [Jeesmon remote from Needham, MA]
- Architecture Diagram including integration with Selector Selector
- Installation demonstration
- Login to RP site demonstration
[10min] [DEMO] Web-based Selector Demo [Paul]
- We've added what we think is a UI improvement over CardSpace UX: "remember this card (at this site)" (coupled with "remember this password for the card")
- Remember this Card Overview
- Need to discuss "twinkle" idea, "unremember" function
[30min] The Future of the Configuration Component [Greg]
- Configuration component: need two versions of Configuration.common (one for plugin-based configurations and one for jar-based configurations)
- support "writing" not just reading
- better support for passwords in the file
- make it possible to do "round tripping" somehow (MikeM)
- central configuration service?
- problems: how to transfer stuff from file system (e.g. keystore) to the service?
- we're currently passing objects around that are hard to serialize
- use JSON
- Configuration UI?
- NOTE: Greg B. would like to call in, if this discussion happens. On Wednesday, I'm available 9-11am and 12:30-3:00 (Provo time).
10:40 [1hr] Access Control [Tom]
- Access Control Issues in LDAP
- Access Control Issues in JNDI
- General Access Control Issues
- Providing Access Control through IdAS
- Should we start collecting use cases?
Wednesday Afternoon
[2hrs] STS IdP Solution in Depth [Mike]
- Similar to New York F2F session, but shorter
- (Weds or Thurs please)
- STS Work items:
- STS token service still bypasses IdAS to access/update attributes
- Sample STS should cut over to using XMLFile Context Provider
- Use of "informationCard generator" in STS's profile service?
- Currently the STS MEX endpoint only advertises support for transport-level security (using UN token or self-signed SAML token)
[20 min] Considerations for a multi-protocol ID provider [Uppili]
- When considering merging of STS and SAML from a Higgins infrastructure perspective, it will be useful to discuss and get some common understanding about what is the ultimate "functional" objective. Are there cross-functional use cases in scope for the resulting multi-protocol system, or are we just sharing code between what would be completely independent systems? Would this guide how to approach the same issue if a reference implementation of OpenID were considered as part of Higgins (in future)?
- Look at the canonical layers of an IDP
- Allude to infrastructure building blocks that can be shared
- Meditate about some cross-protocol use cases / scenarios (like global sign-out)
- (I think this item should be here or somewhere prior to the "Merging" discussion, below).
[45min] Merging SAML2 IdP into STS framework [Mike, Markus]
- Pre-merge refactoring
- Should we rename low level reusable sts.* components -> htp.* (Higgins Token Processing)
- Task planning
- Resources
[45min] [DEMO] Novell open source IdP presentation [Daniel]
- (Weds or Thurs please)
- This uses the Higgins STS and IdAS components. Presentation will include the following:
- High level architectural overview of IdP and how Higgins STS and IdAS are used.
- Demonstration.
- Download the IdP tarball.
- Build it.
- Deploy to server that has Tomcat installed.
- Configure using web based admin.
- Miscellaneous configuration.
- Configuration of attributes that can be stored.
- Configuration of information card templates.
- Configuration of Java keystore
- Configuration of IdAS context provider.
- Look at the XML configuration files that are generated by admin.
- Customizing how the IdP will look and feel.
- Create user account
- Manage user account, including change password
- Issue information card using a card template
- Use information card
[45min] Introduction to R-Cards [Paul]
- Evolution of i-card definition
- Definition of r-card. See R-Card
- Where r-cards fit in Higgins Data Model
- Proposed data format (schema) [Drummond]
- How they work -- the BestBuy COA "VRM" use case
[1hr] Introduction to XDI and X3 [Drummond]
- Very brief background on OASIS XDI TC
- Explain how XDI is the protocol equivalent of the Higgins Data Model (and that's why I'm working with Paul and Markus and Higgins)
- Show a few simple examples of X3 (using Markus' XDI Converter) to show how the XDI RDF Model can be used to implement the HDM and vice versa.
- Point out the XDI RDF Model sections.
- Finish by showing X3 for the same r-card scenario that Paul went through
[15min] [DEMO] XDI4J Code Walk-through [Markus]
- Introduce XDI4J
- Give a basic tour
- Show the XDI Messenger
- Show the XDI messages that would be transmitted for the BestBuy COA VRM use case Paul
Other Topics
Terminology & ISIP Interop [Paul]
- Information Cards vs. I-Cards
- Managed, Personal, and Shared --card categories
- R-Cards, ISIP-M-Card, ISIP-P-Card --card types
- UA-to-RP
- UA-to-IdP
- UA card import/export
- Other interop issues
- Discuss the development of a "portable ledger" format that would allow import/export of this ledger so that card history could be maintained (at least within Higgins selectors)
[15 min] Card-based OAuth [Paul]
- Support for OAuth in the world of Higgins
- OAuth uses redirects all over the place and asks the person to sign in using un/pw at the service provider. There must be a better user experience.
- How about O-cards? User experience:
- User gets an O-card from Service Provider (e.g. Google Calendar)
- User fires up OAuth Consumer that wants Google Calendar data stream
- Selector appears with Google Calendar card displayed
- Selector UI asks to approve grant of rights
- User clicks "Approve" button
- Done. [No redirects, no un/pw entry at SP, etc.]
Autobuilds, Auto-tests
- Eclipse features building: Peter is working on this
- C++: currently built using "cmake" (configure and make). Compatible with the SUSE autobuild service. Builds the RPM packages.
- Nightly JUnit tests: for longer term
Moving, Renaming Components
- Split selector selector from HBXIE
- Plugins folder
- .deployment.idas.basic -> move to app?
- .rpps -> ss
- .rsse -> rename to .ss.rsse
[30min] Five ways to integrate OpenID [Paul]
- OP Uses Cards for Auth (prevents phishing)
- Sxip OpenID Cards (OpenID claim type in managed cards or shared cards)
- OpenID Card: fills in pw at OP (prevents phishing)
- OpenID CP: OpenID OP into CP
- OpenID & Cards: Grand Unification
Thursday (ends at noon)
1.0 and 1.1 and... Plan
- Review of outstanding Bugzilla bugs (known bugs in 1.0)
- Branch proposal:
- Create branches (as we do now) for stable builds
- Just keep marching towards 1.1, 1.2, 1.3 etc.
- 1.1 Plan
- Highlights
Introduction to Open Identity Network Non-profit [Paul]
- See OIN and http://openidentitynetwork.org
- Status of incorporation/launch
- Marketing plan for 2008
- Operating plan for 2008
RSA (April) and Catalyst (July) Interop Planning
- Objectives?
- Documentation of Higgins (eclipse-based, client-based, web-based) interop status/results?
- The Higgins wiki is still circa June 2007
- Need a matrix of support for Higgins 1.0
- New functionality
- R-Cards
- OpenID
- Selector Selector
Review and discussion of alternative to Microsoft's i-card logo [Paul]
- Why we can't live with the current one
- Road forward
Marketing & Outreach [Paul, Mary]
- State of the art evangelizing: dataportability evangelism projects. We should be so cool. They have a killer YouTube video already.
- [Paul] New http://higgins-project.org website
- Folding in http://cloudtripper.org/ underneath?
- [Mary] Press release plan: coordination with Eclipse Foundation
- Discussion of how we will publicize Higgins 1.0.
- Outreach to independent OSS developers
- What should we be doing? Should we have a plan?
- What example CPs would get folks excited? A Twitter CP?
- Outreach to other related efforts
- http://dataportability.org
- http://www.opendatacommons.org/
- http://practicalportability.org/
- Semantic Web crowd
- Etc
- Events
Thursday afternoon - Unofficial Continuation
- Whoever wants to stay, stay