CMI 5 Working Group Meeting Minutes – July 17th, 2015 - AICC/CMI-5_Spec_Current GitHub Wiki

cmi5 Working Group Meeting Minutes – July 17th, 2015

Attendees

• Bill McDonald - cmi5 Working Group Leader
• Craig Wiggins – ADL
• Henry Ryng – inXsol
• Pankaj Agrawal – GrassBlade
• David Pesce – Exputo
• Brandt Dargue – Boeing Research & Technology
• Charles Touron - ASTC
• Jason Lewis – Yet Analytics
• Ben Clark – Rustici Software
• Chris Shire – Oxford University Press
• Ray Lowery – Pratt & Whitney

Notes

The group discussed coordination with other xAPI communities of practice (COP) and how these other xAPI profiles would fit within (or parallel to) cmi5.

cmi5 promotion xAPI Boot Camp in Alexandria,VA last week - Craig Wiggins will provide links to cmi5 presentation on xAPI camp GitHub (Presented by Andy Johnson) xAPI Camp (Connections Forum) July 21, at Amazon in Seattle - Reviewed the cmi5 presentation for this conference with Aaron Silvers’ input. (To be presented by Bill McDonald)

xAPI Security (“xAPIsec”) Yet Analytics has started a discussion on security for xAPI based on new US government requirements for enhanced security for web services. The rationale for starting this discussion is as follows:

In accordance with OMB Memorandum M-15-13, which mandates the exclusive use of HTTPS with HSTS across all Federal government web services, it stands to reason that as a DoD initative, xAPI should hold itself, at a minimum, to that standard.

See https://github.com/yetanalytics/xapisec

The group discussed topic breifly and it appeared that HSTS may be outside the scope of the cmi5 specification, but more study was needed to make sure. Jason Lewis (of Yet Analytics) will take a look at our current cmi5 specification to see if there is anything we could incrementally do to facilitate the use of HSTS (or to at least not make any design decisions that would make it more difficult).

cmi5 compatibility with other xAPI profiles

In the past 2 meetings the topic of how other xAPI profiles might work with cmi5 has come up. Pankaj Agrawal (Video COP) has raised the issue of how “sub units” of Assignable units could issue xAPI statements using cmi5 verbs and not conflict with cmi5 statement rules. It has always been a design assumption of cmi5 that other “non-cmi5 statements” would be allowed as long as they do not conflict with cmi5 rules. (This is a key concept of cmi5’s extensibilty.)

So the group spent the majority of this meeting discussing: What is a “cmi5 statement” and what is “non-cmi5 statement” ? What are the rules for “non-cmi5 statements” ? (including statements from other xAPI profiles) Since cmi5 specifies how a launch an AU and manage its session, all “non-cmi5” statements will have to comply with the conditions of the “cmi5 session envelope”. (This is also necessary because the LMS is brokering the authentication to the LRS).

After some discussion, the group generally agreed that “Non-cmi5” statements must meet the following requirements:

1. Must have the cmi5 context template (defined by LMS in the state API)
2. Must NOT have the cmi5 contextActivities category ID in the statement context (note: the cmi5 spec will have to be changed to indicate this) {"id": "http://purl.org/xapi/cmi5/context/categories/cmi5"}
3. The AU (and its associated sub units) must not issue any (other) statements BEFORE the Initialized statement or AFTER the Terminate statement in an AU session.

Another xAPI profile that might fit within the “cmi5 session envelope” is the SCORM xAPI profile. Pankaj has suggested that the SCORM profile statements would be highly useful (especially for exams).

Bill McDonald will contact Tom Creighton to see if there are any issues with using the SCORM profile/statements in cmi5.

Next Meeting:

Next Meeting: July 24th, 2015 – 10:30 am US Eastern Time