Jan 29-31 Provo F2F Agenda

General

Higgins face-to-face meeting in Provo, Utah, January 29-31, 2008.

Location Novell's office. 1800 South Novell Place, Provo, UT 84606, (801) 861-7000

The event will start Tuesday at 9:00AM and end Thursday at noon.

For early-comers and late-leavers, we're planning one or more ski days. See the ski poll

Hotel: Several of us are staying at the Marriott Conference Center in Provo (Map). There are also a few hotels within walking distance (may have to deal with snow though)

Weather Dress warm. It may be cold.

Getting there: Most people fly into the SLC airport and drive to Provo. Here are directions from SLC International Airport to Novell.

Expected Attendees

1. Dale Olds - Novell
2. Jim Sermersheim - Novell
3. Mary Ruddy - SocialPhysics/Parity
4. Paul Trevithick - SocialPhysics/Parity
5. Tony Nadalin - Bandit
6. Tom Doman - Novell
7. Daniel Sanders - Novell
8. Phil Hunt - Oracle
9. Drummond Reed - Cordance/Parity
10. Andy Hodgkinson - Novell
11. Duane Buss
12. Michael McIntosh - IBM
13. Markus Sabadello - Parity
14. Carl Binding - IBM
15. Uppili Srinivasan - Oracle
16. Bruce Rich - IBM
17. George Stanchev - Serena
18. Anthony Bussani - IBM

Attending by Phone (watch this space for conf #):

1. Brian Carroll - Serena
2. Paula Austel - IBM
3. David Primmer - Google (for session on STS IdP + SAML IdP refactoring)

Tuesday

9:00-9:20 Welcome, Introductions, Logistics [Paul, Mary, Dale]

• Introductions
• Eclipse ground rules
• Logistics

[30min] Higgins 1.0 Release Plans [Mary]

• Review of bug list
• Status of IP Review
• Status of "graduation from incubation" review
• Estimated 1.0 Release date: _________

IdAS & IGF Design [Jim and Phil]

• Call in session??
• Presentation of IGF Requirements

Higgins Data Model [Paul & Jim]

• See Higgins Data Model
• HOWL & IdAS
  • [Paul] Review of proposed changes to higgins.owl
  • Quick look at OWL 1.1
  • Relax to OWL-Full (withdraw decidability requirement)
  • Jim's 4/5 open issues need to enumerate them here

The Future of the Configuration Component

• Configuration component: need two versions of Configuration.common (one for plugin-based configurations and one for jar-based configurations)
• support "writing" not just reading
• better support for passwords in the file
• make it possible to do "round tripping" somehow (MikeM)
• central configuration service?
  • problems: how to transfer stuff from file system (e.g. keystore) to the service?
  • we're currently passing objects around that are hard to serialize
  • use JSON
• Configuration UI?

[30min] Higgins on Android [Mike?, Paul?]

• Demos
  • IBM's CES Demo
  • Parity's
• Starting an Android work area within Higgins
  • IP issues around Android
  • Contributions

[45min+] Higgins Selector Selector [Mike, Paul]

• Intro: Read http://www.incontextblog.com/?p=17
• Discussion of the design
• See diagram on slide #7 here: <missing link>
• Platform support
  • (Windows, OSX, Linux, Android) * (installer, code)
  • Firefox, IE7, Safari, Android

Wednesday

[2hrs] STS IdP Solution in Depth [Mike]

• Similar to New York F2F sesion, but shorter
• (Weds or Thurs please)
• STS Work items:
  • STS token service still bypasses IdAS to access/update attributes
  • Sample STS should cut over to using XMLFile Context Provider
  • Use of "informationCard generator" in STS's profile service?
  • Currently the STS MEX endpoint only advertises support for transport-level security (using UN token or self-seigned SAML token)

[15 min] Card-based OATH [Paul]

• Support for Oauth in the world of Higgins
• Oauth uses redirects all over the place and asks the person to sign in using un/pw at the service provider. There must be a better user experience.
• How about O-cards? User experience:
  • User gets an O-card from Service Provider (e.g. Google Calendar)
  • User fires up Oauth Consumer that wants Google Calendar data stream
  • Selector appears with Google Calendar card displayed
  • Selector UI asks to approve grant of rights
  • User clicks "Approve" button
  • Done. [No redirects, no un/pw entry at SP, etc.]

Merging SAML2 IdP into STS framework [Mike]

• Pre-merge refactoring
  • Should we rename low level reusable sts.* components -> htp.* (Higgins Token Processing)
• Task planning
• Resources

[20min] Novell open source IdP presentation [Tom]

• (Weds or Thurs please)
• This uses the Higgins STS and IdAS components. Presentation will include the following:
• High level architectural overview of IdP and how Higgins STS and IdAS are used.
• Demonstration.
  • Download the IdP tarball.
  • Build it.
  • Deploy to server that has Tomcat installed.
  • Configure using web based admin.
    • Miscellaneous configuration.
    • Configuration of attributes that can be stored.
    • Configuration of information card templates.
    • Configuration of Java keystore
    • Configuration of IdAS context provider.
    • Look at the XML configuration files that are generated by admin.
    • Customizing how the IdP will look and feel.
  • Create user account
  • Manage user account, including change password
  • Issue information card using a card template
  • Use information card

[15min] Web-based Selector Demo [Paul, Jeesmon]

• [3 min] HBX/Firefox Demo [Paul]
• [12 min] HBX/IE AIR web-based Selector Demo [Jeesmon remote from Needham, MA]
• Architecture Diagram including integration with Selector Selector
• Installation demonstration
• Login to RP site demonstration

[45min] Introduction to R-Cards [Paul]

• Evolution of i-card definition
• Definition of r-card
• Where r-cards fit in Higgins Data Model
• Proposed data format (schema) [Drummond]
• How they work -- the BestBuy COA "VRM" use case

Introducing XDI and X3 [Drummond]

• Very brief background on OASIS XDI TC
• Explain how XDI is the protocol equivalent of the Higgins Data Model (and that's why I'm working with Paul and Markus and Higgins)
• Show a few simple examples of X3 (using Markus' XDI Converter) to show how the XDI RDF Model can be used to implement the HDM and vice versa.
• Point out the XDI RDF Model sections.
• Finish by showing X3 for the same r-card scenario that Paul went through

Demonstration & Code Walk-through [Markus]

• Introduce XDI4J
• Give a basic tour
• Show the XDI Messenger
• Show the XDI messages that would be transmitted for the BestBuy COA VRM use case Paul

Terminology & Interop [Paul]

• Information Cards vs. I-Cards
• Managed, Personal, and Shared --card categories
• R-Cards, ISIP-M-Card, ISIP-P-Card --card types
• UA-to-RP
• UA-to-IdP
• UA card import/export
• Other interop issues

Thursday (ends at noon)

1.0 and 1.1 and... Plan

• Review of outstanding bugzilla bugs (known bugs in 1.0)
• Branch proposal:
  • Create branches (as we do now) for stable builds
  • Just keep marching towards 1.1, 1.2, 1.3 etc.
• 1.1 Plan
  • Highlights

Introduction to COIN [Paul]

• http://openidentitynetwork.org
• What will COIN do?
  • Driving Higgins adoption
  • Governance
  • Funding
  • Certification
  • Public Policy
  • Etc.
• Status of incorporation/launch
• Marketing plan for 2008
• Operating plan for 2008

RSA (April) and Catalyst (July) Interop Planning

• Objectives?
• Documentation of Higgins (eclipse-based, client-based, web-based) interop status/results?
  • The Higgins wiki is still circa June 2007
  • Need a matrix of support for Higgins 1.0
• New functionality
  • R-Cards
  • OpenID
  • Selector Selector

Review and discussion of alternative to Microsoft's i-card logo [Paul]

• Why we can't live with the current one
• Road forward

Marketing & Outreach [Paul, Mary]

• [Paul] New higgins-project.org website
• [Mary] Press release plan: coordination with Eclipse Foundation
• Discussion of how we will publicize Higgins 1.0.
• Outreach to independent OSS developers
  • What should we be doing? Should we have an plan?
  • What example CPs would get folks excited? A Twitter CP?
• Outreach to other related efforts
  • Dataportability.org - What more should we be doing
  • Semantic Web crowd
  • ...other groups

Fodder

Fodder:

• Beyond Higgins 1.0 <-- lots of topics for discussion here

• Discuss the development of a "portable ledger" format that would allow import/export of this ledger so that card history could be maintained (at least within Higgins selectors)
• Planning for Higgins 1.1M1
  • Aligning the 1.1 road map with the RSA interop
• IdAS data model discussion
• IdAS extensible APIs

Links

• Higgins Home