...
Voter Name | 21 June 2012 Attendance |
Bill Braithwaite | xX |
Myisha Frazier-McElveen | xX |
Rich Furr | |
Linda Goettler | xX |
Sarbari Gupta |
|
Helen Hill | X |
Scott Shorter | xX |
Colin Soutar | xX |
Richard Wilsher | xX |
Non-voting:Ken Dagg
Andrew Hughes
Nathan DavidFaut
Apologies:
Staff: Joni Brennan, Pat Roder
1. ADMINISTRATIVE:
a) Roll Call – Quorum was achieved since there were 6 were 7 voting members out of 8 of 9 on the call.
b) Motion for Minutes: Linda moved to approve the Meeting Minutes from 6/7/12 and it was secondedand the motion was seconded by Colin.
c) Agenda confirmation: Agenda confirmed.
2. KAR
On the 6/7/12 call, there was an Action Item taken for the assessors with AICPA certification to produce evidence to confirm that they are able to provide non-AICPA compliant reports. Based on the evidence produced (if any), assessors can determine the best path forward.
- Bill made a The motion to adoptKantara IAF-3310 KAR v0-3as the base document for the editing perspective with a formal call for comments and an editor assigned was re-made by William. Sarbari seconded the motion and no one opposed it. (ACTION ITEM)Mark It was seconded by Rich and was approved.
- Mark had volunteered to be the editor on the 6/14/12 call. Richard and Scott also volunteered.
- Richard and Scott agreed to contact Mark and work together to edit KAR v0-3. (ACTION ITEM)
3. IAWG ROADMAP
- The group then discussed the Q3
...
Q3:
- The Q3 effort involves effort of drafting the pseudonymous approach of decoupling credentials from identities.
- On the 6/7/12 call, it was agreed that a position statement, use cases, and gap analysis be developed for this approach.
- IAWG members were asked to express their interest in participating in this effort. Ken, Colin and Andrew indicated their willingness to contribute to this taskKen, Colin, Andrew and David formed a sub-team to address this issue.
- Andrew agreed to champion this effort and to provide an update to the IAWG in 3 weeks. (ACTION ITEM)
- This effort may be conducted as a sub-team which provides updates to the IAWG on their weekly calls.
Q4:
- The Q4 effort involves profile development which is nation/sector specific.
- This effort may be premature for the Government of Canada. It is still being determined whether a profile specific to health care is necessary.
- The Q4 effort also involves the initial draft development of Relying Party Guidelines.
- The questions of whether Q4 is the appropriate timeframe for this work and whether the IAWG is the appropriate body to conduct this work were put to the group.
- The group agreed that the guidelines are needed since there are currently none available but that there are many facets of this work which will fall into many working groups and that it would not belong solely to the IAWG.
- It was decided to leave this component as a Q4 item at this time.
4. OUTREACH
...
4. OUTREACH
- The group continued to discuss the development of a list of end-user communities who may leverage Kantara’s Identity Assurance Program.
- Joni questioned what kind of financial institutions should be included and Ken stated that he meant banks as well as the insurance industry and investment firms.
- Any institution that deals with online access presents an opportunity for a business case to be made for using external certifying providers.
- When outreach is made from peer to peer, material (use case or business case) should be in hand to present.
- This material could be specific to the institution type (financial, insurance, etc.) and could be geared toward recruitment to Kantara or towards the adoption of Kantara’s programs.
- It was agreed that an item should be added to the IAWG’s workstream to develop a paper that describes what Kantara has to offer and how it can provide an organization with a high value serviceIndustrial control systems, such as power plants and smart grid, were identified as a possible industry for outreach. Standards bodies such as ISA99 and ISO27004 were also mentioned.
- Andrew suggested the Justice sector may be a possible candidate for outreach and supplied a link to the Justice sector organization that is working on identity federation (http://gfipm.net/index.html).
- The content of the proposed outreach material was discussed including use cases for the general public as well as for business to business, value propositions, and a cost/benefit analysis of being assessed.
- Colin volunteered to prepare a first draft of this material. (ACTION ITEM)
5. EVENTS
Due to time constraints, the discussion of this item was deferred until the next conference call on June 2821, 2012. (ACTION ITEM)
6. AOB
...
Due to time constraints, the discussion of this item was deferred until the next conference call on June 28, 2012. (ACTION ITEM)
6/21/12 Action Items
Action Item | Assigned To | Status | Description | Comments |
20120621-01 | Mark Lundin, Scott Shorter, and Richard Wilsher | Open | Contact each other and work together to address the editing of IAF-3310 KAR v0-3 |
|
20120621-02 | Ken Dagg, Colin Souter, Andrew Hughes and David Wasley | Open | Begin working as a sub-group to develop a position statement, use cases, and gap analysis for the pseudonymous approach and report to IAWG in 3 weeks (7/12/12) |
|
20120621-03 | Colin Souter | Open | Prepare first draft of an Outreach paper that describes what Kantara has to offer and how it can provide an organization with a high value service. |
|
20120621-04 | IAWG | Open | Discuss IAWG Events on the 6/21/12 call. |
|
20120621-05 | IAWG | Open | Discuss AOB on the 6/21/12 call. |
|
20120621-06 | IAWG | Open | Review Action Items on the 6/21/12 call. |
|
6/14/12 Action Items
Action Item | Assigned To | Status | Description | Comments |
20120614-01 | IAWG | OpenClosed | Provide comments on Kantara IAF-3310 KAR v0-3to Mark Lundin | See AI 20120621-01 |
20120614-02 | Ken, Colin, Andrew | OpenClosed | Begin working Begin working as a sub-group to develop a position statement, use cases, and gap analysis for the pseudonymous approach | See AI 20120621-02 |
20120614-03 | IAWG | OpenClosed | Add an item to the IAWG’s workstream to develop an Outreach paper that describes what Kantara has to offer and how it can provide an organization with a high value service. | See AI 20120621-03 |
20120614-04 | IAWG | OpenClosed | Discuss IAWG Events on the 6/21/12 call. | See AI 20120621-04 |
20120614-05 | IAWG | OpenClosed | Discuss AOB on the 6/21/12 call. | See AI 20120621-05 |
20120614-06 | IAWG | OpenClosed | Review Action Items on the 6/21/12 call. | See AI 20120621-06 |
6/7/12 Action Items
Action Item | Assigned To | Status | Description | Comments |
20120607-01 | Myisha, Nathan, Scott, and Joe | Closed | Based on evidence produced (if any), assessors to determine best path forward (see June 7, 2012 notes) | This item was closed on 6/14/12. |
20120607-02 | Joni | Open | Move the alignment to NIST 800-63-1 to Q3 on the Roadmap. |
|
20120607-03 | Joni | Closed | Create a position statement which outlines how the pseudonymous approach benefits Kantara. | Sub-team formed on 6/14/12. See item 20120614-02. |
20120607-04 | IAWG – Champion Needed | Closed | Perform a gap analysis for the pseudonymous approach which spells out the work that needs to be done. | Sub-team formed on 6/14/12. See item 20120614-02. |
20120606-05 | IAWG – Champion Needed | Closed | Develop use cases for the pseudonymous approach. | Sub-team formed on 6/14/12. See item 20120614-02. |
20120607-06 | IAWG | Closed | Review Roadmap’s Q4 deliverables on next call. | This item was closed on 6/14/12. |
20120607-07 | Chair | Ongoing | Review Roadmap progress at the beginning and end of each quarter. |
|
20120607-08 | IAWG | Ongoing | Compile a list of end-user communities who may leverage Kantara’s Identity Assurance Program. |
|
20120607-09 | Chair | Closed | Move discussion of AOB items to June 14 agenda | This item was closed on 6/14/12. See item 20120614-05. |
...