Minutes
IAB Teleconference

2010-01-06

1. Roll-call, agenda-bash, administrivia, approval of minutes

1.1. Attendance

PRESENT
  Marcelo Bagnulo
  Ron Bonica (IESG liaison to the IAB)
  Stuart Cheshire
  Aaron Falk (IRTF Chair)
  Vijay Gill
  Russ Housley (IETF Chair)
  John Klensin
  Olaf Kolkman (IAB Chair)
  Gregory Lebovitz
  Andy Malis
  David Oran (IAB liaison to the IESG)
  Jon Peterson
  Dow Street (IAB Executive Director)
  Dave Thaler
APOLOGIES
  Gonzalo Camarillo
  Sandy Ginoza (RFC Editor Liaison)
  Danny McPherson
  Lynn St. Amour (ISOC Liaison)
ADDITIONAL PARTICIPANTS:
  Lucy Lynch (ISOC)

1.2. Agenda

The only substantive agenda item for this meeting was the techchat on Identity Management (item #2).

1.3. Administrivia

Jon Peterson noted that the Nomcom IESG slate was being finalized, but that it might not be ready by the next IAB business meeting. The IAB will have a call tomorrow with the NRO on the RPKI topic. Gregory is working on the authentication mechanisms ID, and should have an updated draft by the end of the week.

1.4. Meeting Minutes

No meeting minutes were reviewed during this call.

2. Techchat on Identity Management

Lucy Lynch led the IAB in a discussion of identity management, one component of ISOC’s “Trust and Identity” strategic work item. She began by summarizing the popular models in use today, including SAML, OpenID, and Infocard. SAML is the earliest of these three, and has seen fairly wide adoption within the education community. Infocard has now been through a couple of iterations, and it now provides fine-grained relationship management and anonymization, but these features come at a fairly high usability burden. OpenID has more traction and is the lightest weight, but it is NIST level 1, user asserted but not verified. OpenID is often used to provide persistence and single sign-on, sometimes with OAUTH (e.g., Facebook Flickr, etc.).

Lucy then elaborated on the advantages and disadvantages of these three models. For example, since SAML is deployed in federations by institutions, there are often out-of-band trust mechanisms that can be brought to bear, and users have a natural inclination to have their data managed by the institution. A few years ago there seemed to be a general opinion that one clear winner would emerge among the technologies, but it now looks like various pieces of the different models may need to be combined to achieve the desired experience. For example, Google presents an OpenID front that uses OAUTH and SAML behind the scenes. Of these technologies, OAUTH is the one with direct IETF work. She noted that the ITU is currently studying identity management (SG 13), and that 3GPP was also doing some work in this area, mostly for authentication of mobility.

The area has business drivers: security, regulation, risk mitigation, sticky services. The political component varies greatly by region, influenced heavily by the cultural trust in government. Educational institutions are currently struggling with issues of inter-federation, since they are each the trust anchor at the top of their federation with their own level of proofing. They now have to figure out how to integrate and standardize, which is exposing problems of scalability, cert. exchanges, etc. Russ noted that the situation is similar to PKI work in cross-certification. Lucy agreed, adding that in many cases they are trying to exchange “pieces of info” rather than full sets. There are interesting questions related to user data portability across services/sites, and how to grant, delegate, and withdraw permission or access.

It has also turned out to be difficult to find simple, core settings that achieve a good balance between user convenience and user experience. Lucy gave the recent changes to Facebook default settings as an example. The work hits the IETF in HTTP, GEOPRIV, OAUTH, and possibly RPKI, DNSSEC, etc. There is also a clear tension between user interests of control and privacy and the business interests for the associated data. The group discussed the often implicit agreements that are involved when users submit personal data on “free” sites and services. One approach may be to try and better define or disclose these implicit agreements, since the business arrangements and data trading between services can be fairly complex. However, there is a strong business incentive to not disclose, and the varied arrangements make it difficult for users to understand even when disclosed. Lucy noted that in real life users seamlessly switch between identities all day long, making different presentations of themselves based on context. Online, people don’t have obvious tools to manage this context or the related persona, or may find that their “many” personas are effectively combined via arrangements between different sites and services.

The session was quite informative, but no immediate IAB action items were identified. There is some relation to the upcoming IAB plenary topic at IETF 77. The IAB will consider possible work items in this area in the coming months.