Single Sign-on/Network Authentication Working Group

Minutes of meeting held October 4, 1994.
Send omissions/corrections in summary to the group.

ATTENDING.

        Norm Morrison, Alex Garthwaite, Lila Shapiro, Grover McKenzie,
        Andrew White, Shumon Hugue, Mark Litwack and Jim Johnson.

MEETING SUMMARY

Norm had no new username statistsics to report.  He will post a summary
of the current username analysis statistics to the group.

Jim reported a first cut of statistics on upenn.edu hosts.  An analysis
of the WHOIS database supplied by Dawn Clarke shows that there are 126
hosts that provide mail service to multiple users. Of these126,

        55 serve 10 or more users.
        14 serve 49 or more users.
        10 serve 100 or more users.
        4 serve 1000 or more users.

Its understood that the actual user counts for a given host is suspect,
but, this does give us a starting point for identfying hosts with high
username volume.  Additionally, Todd Seelman supplied a list of hosts
from the DCCS name server.  This is being analyzed now, to identify
non-mail hosts with high username volume.  Completion of this analysis
will show us rather quickly where the largest percentage of candidates
for Kerberos authentication and single sign-on are located.  Because the
name server data is also suspect, an exhaustive analysis of candidate
hosts will at some point require conducting a physical inventory.

Mark reported that a DEC ALPHA machine has been acquired for Kerberos
testing.  Alex has been assigned the task of installing Kerberos.

The group again emphasized that a close coordination of effort between
the new and improved PAS, and the People Database is essential.
Particular attention was paid to questions about:

        1.  How the timing of the People Database effort may impact
        improvements made to PAS and eventually, Kerberos authentication.

        2.  What organizational body would manage the People database.

        3.  How university affiliates such as Alumni, Guests, and those
        physically removed from the campus, will be managed differently in
        the People Database, so as to elimate the current information
        management problems experienced in PAS for these groups.

        4.  The composition, availability, and intended usage for a
        unique PENN IDENTIFIER,  and its relationship to SSN in the short and
        long term.

ACTION ITEMS
---------------

Norm Morrision - collect and analyze username space statistics.
Mark Litwack and Alex Garthwaite - install and test MIT Kerberos.
Mark Litwack - obtain more "overview type"  materials on Kerberos for the group.
Jim Johnson - identify multi-user hosts in the upenn.edu domain.
Jim Johnson - develop report on status of People Database effort.

NEXT MEETING
---------------
Oct. 11 in the UDC conference room, at the 1:00pm.

Topics:

Update on username statistics
Update on host statistics.
Update on status of Kerberos install and testing.