Attending: UAB - Jill, Jason; UNC - Tyler, Nadim.
(1) Discussion of the two flow diagrams:
In the one from CGU, there is no pass-thru, so (if this is in fact how
the code is implemented) the commObjects, including the passwords,
must be publicly readable, which is insecure. Unfortunately, no
one from CGU was in attendance; those of us on the call agreed that
the UAB flow on the left is correct, and that a separate conversation
should be scheduled with CGU on this topic. (Update - this'll
occur this week on Thursday.)
(2) Is a 'commOwnerDN' attribute needed? The problem identified
above was the reason for bringing this topic up again. After
discussion we agreed that the answer was still NO. The pass-thru is
handled by configuration of the LDAP server; the application is aware
only of requesting and receiving commObject attributes. The LDAP
directory manager must set a rule (which can be based on use of some
locally defined attribute such as commOwnerDN, or on matching the
returned DN with a substring of the commOwnerURI ...). In short,
this is an important topic for the cookbook.
Note to Jason - make sure this topic goes onto the UAB to-do list for
closing out the cookbook.
(3) Implementing endpoint authentication:
password-based implementations are difficult for endpoint developers;
they have to depend on directory servers being configured correctly,
etc. This seemed to be a further compelling argument for some
certificate or S/MIME style approach.
(4) Discussion - do we need an open source H.350 populating tool?
Tyler suggested we do, to help with deployment. To be a true
software distribution (RPM) would be a major development
undertaking. In the meantime, UAB will prepare some vanilla,
re-usable PHP scripts that could be adapted by those who know how to
use PHP.
Note: these scripts are available - Jason, can you let people know
where to locate these scripts?
(5) Room attribute? Is RFC 1274 for real?
Cookbook needs to describe a scenario for needing a
standardized room attribute (note to Jason - onto UAB to-do list).
The search field needs to be configurable so you can search by a room
name if you know it. We decided even if the RFC was old, it had
what was needed.
(6) Other updates - Jill working on presentations at NLANR (success)
and CAMP (no success) workshops. ECS beta testing is done. No further
work on installing HCL proxy due to problems no one could overcome &
no reply from HCL.