You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Bob Basch, Mark Silis and Paul Hill met on Wednesday, September 12th, 2007 to discuss issues that needed to be completed prior to turning on the Touchstone pilot.

  • We talked about the mail sent regarding various Shibboleth SAML assertion signing options. It was agreed that we would use the default settings at this time and not require the optional assitional signing. This does not have a security implication for any of the expected use cases during the pilot. This configuration option may have to be revisited if MIT users desire to use GridShibb applications.
  • Mark suggested:

    •  moving the contact information to the top of the Touchstone Help page. [This has been done.]

    • Add IS&T logo the page footer. [This has been done.]

    • Error page should point users to the help desk, not touchstone-support. [This change has been done, and the help desk is aware.]

    • Bob and Paul should be set up as help desk consultants so that they can read cases as requested. [Paul believes this has been done.]

    • Set up a briefing of the help desk staff and student employees. [This was done on September 25th]

    • Offer to perform briefings to the help desk on an ongoing basis, especially as new applications enter the pilot. [This has been done.]

    • Add robots.txt file to login and associated pages to tell web robots to go away. This will reduce unnecessary load on the servers.
  • Steve Landry asked that he and Hunter be given access to the logs and config files of the IdP. Since our current mechanism requires an account on the machine this has been turned down. Neither Steve nor Hunter have any experience with Stanford WebAuth or Shibboleth operations so no value would be added. The operations of the machines will be the responsibility of NIST when the transition has been completed.
  • Mark provided Bob and Paul with RSA secure tokens. These will be used for our root access as we move forward.
  • Mark will provide two machine for onging test and staging evironment to Bob by October 10th. These will run NIST RHE3.
  • RPM packages are not required for entry into pilot. Bob will start working on RPM packages after the test/staging machines are made available to Bob.
  • mark has asked:  Once meta data has been set up, what happens if the web admin copies it to multiple machines or moves? E.g. the data to day is a URI which by convention specifies the hostname, but it doesn't have to be. Bob and Paul will look at this more and write a response. The concern is that people can start instantiating more web applications that we are aware of.
  • No labels