...
- IAWG comments are being gathered in this GDoC: https://docs.google.com/document/d/1jswnFEpl1kvNmUAYBFa3MMjNXBam2BkYhE3FqbANOKQ/edit?usp=sharing
- Ken pointed out that extensions of the definitions will be suggested and there will be a clarification request on the purpose of the document. Ken added that there were missing some key terms in the definitions, such as trust framework and federation and explain the relationship between the two. Furthermore, it will be suggested to add definitions on trust, risk, object, entity.
- Mark K. suggested to add a reference of an existing document/standard, such as ISO.
- Colin provided a reference to ISO 29115 for "trust framework" definition: "set of requirements and enforcement mechanisms for parties exchanging identity information". Also, he provided a definition of "federation agreement" from an ISO search tool "identity federation agreement between two or more domains (3.2.3) specifying how identity information (3.2.4) will be exchanged and managed for cross-domain identification (3.2.1) purposes".
- Mark K. pointed out that a request of clarification on digital signatures should be added, based on the statement of Line 625: "Two major forms of digital signatures are DSA and PKI", so he suggested to request clarification on this.
- Ken will add a definition of authentication from IS29115.
- Mark K. said that he found the diagram confusing.
- It will be suggested a circular glossary that provides the relationship between the terms.
- Ken will revise the comments and provide a final draft for next week.
Others
- Richard commented that NIST wants to convert 63A/B/C rev4. into an international standard.