29/06/2016

Participants:
EGI: Diego, Peter, Christos and Alessandro
ESA: Salvatore, Marco

Meeting agenda:
1) ESA needs on AAI
2) EGI AAI and the AARC blueprint model
3) Open Discussion and next steps


1) ESA needs on AAI

TEPs projects.
Interoperability between teps should be guaranteed also on AAI.
Type of interactions: User-Machine, machine-machine (delegation).

TEPs currently are relying on ESA user service auth and authZ framework. It's based on a single IDP at the time (ESA IdP).
It's based on SAML. Service providers registered are the ESA services. Work on support machine-machine (delegation) still in an early status.

Pilot in place with an internal federation. We have a multi-missions IdP. Federation between multi-missions and copernicus should be achieved. We already have the software to do it.

Other pilots: integrating to EduGAIN via GARR IDEM Federation. ESA IdP will become part of EduGAIN.

TEPs: another requirement is the retro-compatibility with the current ESA SSO.

ESA is discussing with several actors: INDIGO-DC, EGI, EPOS (Unity)

Diego: Solution based on unity in EGI - LTOS platform: https://access.egi.eu

Christos: many similarities with the EGI use case

2) EGI AAI and the AARC blueprint model

Christos's presentation (see slides)

3) Open Discussion and next steps

ESA will provide feedback on te AARC blueprint model. They could contact Christos to have a direct channel with AARC.

Discussion about the status of the EGI AAI software and the roadmap:
- The EGI IdP/SP proxy has already reached a good quality level and it is already integrated in EGI tools in production such as AppDB (https://appdb.egi.eu/), GOCDB (http://goc.egi.eu/), GGUS (https://ggus.eu/).
- Oauth2/OIDC support towards service providers will be available by end of July
- EGI will work on delegation on the next months

ESA could deploy the EGI IdP/SP proxy as a pilot. This proxy instance could be connected with the EGI one (as EGI has already done with ELIXIR). 

Next Steps:
Christos will send material to Marco and Salvatore: slides, link to sw repository
ESA to discuss internally about the EGI solution. Marco and Salvatore will inform EGI if they are interested to run a pilot with the EGI software.