From: "Hinchliffe, Lisa W" <[log in to unmask]> Date: Wed, 17 Jan 2018 02:49:58 +0000 It's been awhile but to follow up on this discussion last year... after tracking this topic, talking with people, getting involved myself, I finally pulled together my thoughts, which were published today as an essay in the Scholarly Kitchen: https://scholarlykitchen. sspnet.org/2018/01/16/what-will-you-do-when-they-come- for-your-proxy-server-ra21/ Feedback, etc. welcome. The comments have a robust discussion and joining in there is welcome as well if you are inclined! I'm grateful to the discussion here on this list that helped inform my thinking. Lisa -- Lisa Janicke Hinchliffe Professor/ Coordinator for Information Literacy Services and Instruction University Library, University of Illinois, 1408 West Gregory Drive, Urbana, Illinois 61801 [log in to unmask], 217-333-1323 (v), 217-244-4358 (f) ________________________________________ From: LibLicense-L Discussion Forum [[log in to unmask]] on behalf of LIBLICENSE Subject: Re: RA21 themes topic of SSP Webinar From: Robert Kelshian <[log in to unmask]> Date: Wed, 24 May 2017 16:01:49 +0000 Hello again! How tacky to reply to my own post, however... After a few conversations with other interested parties, I thought it best to clarify a point that I take was unclear: My intention was not to imply that IP-based access is a non-secure method of access in and of itself. In my experience here, security issues tend to arise at the point of granting proxy access to resources. So, in my mind, the issues are less about "IP-based" access and more about "on-campus vs. off-campus" access - in library-speak. The security issues that I alluded to resulted when users accessed resources from off-campus via proxy. I apologize if that was unclear or confusing. Best, Rob -----Original Message----- From: Robert Kelshian Sent: Wednesday, May 3, 2017 1:30 PM To: [log in to unmask] Subject: RE: RA21 themes topic of SSP Webinar Hi All, I've been following this discussion and just wanted to say that I encourage folks to keep up with this initiative. We will be participating in some capacity as the pilots develop as I certainly don't think it hurts to help develop alternatives that may enable easier access to the resources we pay for. I think the concerns expressed are all very legitimate, but I think the purpose of the pilots is to get libraries involved and invested so that these alternatives can be developed with those concerns in mind and measures can be put in place to alleviate those concerns - the product can only improve if we are part of the process to make it better. As someone pointed out earlier, Nettie's message (http://listserv.crl.edu/wa.exe?A2=ind1704&L=LIBLICENSE-L&F=&S=&P=41110) from a few days ago sums up very nicely what this initiative is really about. At my library, we did have issues with accounts being compromised and abuse in terms of unauthorized access to resources when we were solely using IP-based authentication. So we added Shibboleth as a front layer to that a couple of years ago and it's worked wonders for us. We are members of InCommon and, through that, the process was very easy. I see the pilots as an extension of being able to provide greater security for our users, as well as for vendor-provided content. If we can provide direct login to resources at their source, I see that as an added benefit rather than forcing users through the library website as the point of origin for navigation - I understand that not everyone agrees with that as a good idea. That said, I think we provide users with so many points of discovery now, allowing them to access resources through those access points would likely promote usage of our resources which, again, I think is a good thing. Best, Rob -----Original Message----- From: LibLicense-L Discussion Forum From: JLuther <[log in to unmask]> Date: Tue, 2 May 2017 18:16:41 +0000 Unlike many other organizations comprised of publishers, the Society for Scholarly Publishing’s (SSP) members are individuals working throughout scholarly communication including those working for societies, vendors, not-for-profit publishers, commercial publishers, university presses, etc. This webinar touches on the themes raised in the RA21 discussion. http://www.resourcenter.net/Scripts/4Disapi2.dll/events/ 2016-scholarly-kitchen-webinar-the-future-of-access- authentication-and-privacy/663/ 2017 Scholarly Kitchen Webinar: The Future of Access, Authentication and Privacy Judy Luther MLS, MBA www.informedstrategies.com 610-645-7546 EDT