Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version 2

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Kantara Initiative Identity Assurance WG Teleconference

Table of Contents
maxLevel3
minLevel3
typeflat
separatorpipe

Info

 Call not a quorum

Date and Time

Agenda

  1. Administration:
    1. Roll Call
    2. Agenda Confirmation
    3. Minutes approval: IAWG Meeting Minutes 2012-12-13
    4. Open nominations for Vice Chair
  2. Discussion
    1. Issue Tracking update
    2. IAF Process and Errata
    3. Glossary work
  3. AOB
  4. Adjourn

Attendees

  • Myisha Frazier-McElveen
  • Scott Shorter
  • Bill Braithwaite

As of 1 November 2012, quorum is 4 of 6.

Non-Voting

  • Heather Flanagan (scribe)
  • Andrew Hughes
  • Ken Dagg
  • Helen Hill
  • Rich Furr

Apologies

Notes

  1. Ticket system
    1. HF has figured out what needs to change in the mySQL and PHP to create the additional fields; waiting to hear back from the sys admin to move this forward
  2. IAF Process and Errata
    1. LC looks forward to hearing what the IAWG wants to do with this; (Andrew) just need to make sure we can control the process, making sure substantive changes go through the usual process and errata exist for errors only
    2. If we do cyclical reviews of the IAF document set, how do we handle errata? Whatever we do, we need to write this down
      1. (Scott) with an issue tracking system, we'll track issues within the documents; so maybe the workflow for the ticket system is part of the errata process
      2. (Heather) yes, but the tickets are private, and errata would need to be published somehow
    3. We will pull the item from the ticket system, determine whether or not it is an errata vs a full IAF revision vs an incorrect/duplicate comment then address as necessary; if it belongs in the full IAF revision then table it until we get to that full revision; need to make sure we document the possible decision points for the errata (substantive, error, discard) and what the factors are for what would be a substantive change; (HF) if it requires our constituents to do something different, then it is a substantive change
      1. Action Item IDAssigneeDescription
        20130103-01MyishaDocument the process flow for errata
  3. IAWG Roadmap - 2013
  4. Glossary - hold to next week's call

...


    1. Diagram sent out by Myisha before the meeting, but there are some items we need to come to resolution on and then we can include it all in one document
      1. Andrew: should there be a feedback to the commenter loop? Yes
      2. Ken: Errata Addressed could be broken down further in to what that means; eg it's an immediate fix or a work item to be resolved in a future version or its rejected.  Myisha: that's part of prioritize
      3. Bill: should be feedback to the commenter while the errata is being reviewed; Andrew: first step, notify interested parties of discussion date
      4. Myisha: how does this play with the Kantara process of anonymizing the comments? HF: give them the option of participating in the conversation, defaulting to anonymous when necessary
      5. Scott: can we include the actual IAF revision cycle? can we include some temporal information on how often we review the incoming comments and how often the substantive comments are addressed? Myisha: this is part of what we need to consider, listed at the bottom of the page
      6. Myisha: there is still a lot that needs to be included, but we haven't reached consensus on it yet
      7. Andrew: there should be regular updates (once a year? twice a year? every two years?); HF: think we discussed having an 18 month cycle, to be counted at publication time, with the option of publishing more often if something big comes up; Myisha: if we look at an 18 month cycle, when would errata be accepted/published? Scott: we're always collecting this for 9 months to a year, so does that mean any errata after that would wait until the next release? Are we talking about publishing an actual errata document? Andrew: yes, there will be an errata doc published, and then at the 18month mark we incorporate those changes in to the next version;
      8. HF: don't confuse the Call for Comment period with the errata process
      9. Myisha: we will work on the errata on a monthly basis, and on a 9 month mark we'll start looking at the substantive change and incorporate them in to the revised IAF; the errata document would be updated as we accept new docs; HF: and we would notify the new BoT subcommittees for Assessors and CSPs when we publish a new errata doc
      10. Ken: we need to make sure we include in our review of the errata how massive a change that errata would cause for the certified organizations
      11. Andrew: if it actually changes current assessments, its substantive; Ken: so an errata change wouldn't be that and so we don't need to worry about which errata were applied during the decision for certification
      12. Andrew: so what will errata actually be?  What else other than typos, what things could we correct quickly that wouldn't impact assessments? Scott: incorrect references, for example
      13. Andrew: overall timeline would be: notify comment, comment processed and given to IAWG, IAWG has 3 weeks to classify and determine change required, and then once classified the errata page will happen within 7 days and appropriate parties (ARB, IRB, etc) notified; the goal is to have up to 30 days from receipt to getting the text online; do we have to quorum for acceptance of errata? We can do this via e-ballot if calls are not a quorum
  2. Glossary - hold to next week's call
    1. Ken is still waiting for comments; will resend what he has so far to bring it back to the top of people's email queue

 

AOB

  • regarding the Decoupled Binding document that's receiving so much interest, what are the next steps on that? 
    • Myisha: it is on our roadmap, and the next steps were to accept input, update the doc, and incorporate in the next IAF
    • Scott: when is the next IAF? Myisha: will start some heavy work in Q3 to incorporate changes and updates needing to be made (800-63, decoupled binding)
    • Scott: is there is demand to shift to make the FICAM approval a profile and the base IAF has flexibility? Depends on champion/funding
      • Scott: to define work effort and scope to work on this and we'll have it on the agenda for next week; Ken to assist as available
      • Scott: NIST 800-130 might have some useful information to inform what goes in to the IAF

Next Meeting

...