...
Quorum | |
---|
Notes-Status | Status |
---|
colour | Blue |
---|
title | draftingReady for review |
---|
|
|
---|
Approved-Link | TBD |
---|
Info |
---|
The meeting status metadata table is used for summary reports - copy the status macros from the table in these instructions: Quorum: Status |
---|
colour | Yellow |
---|
title | not quorate |
---|
|
Notes-Status: Status |
---|
colour | Blue |
---|
title | Ready for review |
---|
|
Approved-Link: Insert a link to the Meeting Notes page holding the approval decision for this notes page |
...
\uD83D\uDC65 Attendees
Voting: Andrew Hughes, Jimmy Jung, Mark King, Mike Magrath, Yehoshua Silberstein
Nonvoting: Nathan Faut
Staff: Amanda Gay, Kay Chopard, Lynzie Adams
Guests: Lisa Balzereit
Quorum determination
Meeting is quorate when 50% + 1 of voting participants attend
...
Link to draft minutes and outcome | Discussion |
---|
| No quorum in early part of meeting. Meeting approvals will be handled 2024.05.16 |
\uD83D\uDDE3 Discussion topics
Time | Item | Presenter | Notes |
---|
| Kantara Updates | Kay Chopard | 17065-first desk audit is in June. The new auditors are doing a gap analysis for the US Program as well. Things may be funneled to IAWG as needed, in terms of a program restructure and consistent vocabulary in relation to 17065. Amanda Add ISO 17065 Discussion Items to Future Agenda
|
| Assurance Updates | Lynzie Adams | ARB’s work is ramping up, with questions arising. These will be funneled to IAWG as needed. |
| IAWG Update: Kantara Liaison with ISO SC7/WG5 | Andrew Hughes | ISO 29003 Not published–hanging around, and now has to be updated, according to ISO rules. A group will be assembled outside of this ISO group to write a contribution into the ISO process RE: identity proofing and verification in a way that is consumable for international standardization and its stakeholders. So when it hits ISO work group, it can’t be derailed. This will not be inside IAWG itself (IAWG will have rev 4 for future work) This will likely be a spin-off work/discussion group. Hope to spin it up by the end of May in order to attract the trustmark companies that do ID proofing. Will also invite national body experts from ISO committee Mark King questions–just people (natural persons), not legal entities Any definitions/challenges aligned with wordings used by OECD or others in the international sphere? Concept maps will be first piece of work for this new group and will partly address vocabulary
|
| NIST Supplement: https://www.nist.gov/blogs/cybersecurity-insights/giving-nist-digital-identity-guidelines-boost-supplement-incorporating | Andrew Hughes | First Supplement against 800-63 rev. 3. This will be superceded by rev. 4. Kantara will have to modify 63B to accommodate this Andrew’s interpretation-NIST is bringing forward rev. 4 requirements so that they apply today in the rev. 3 world and thus establishing a precedent of supplements to 800-63 rev. 3. IAWG case with applicant and comparable controls (800-63 63#A0180): IAL2 can be achieved with 1 strong and 2 fair pieces of evidence. Rev 4 says that IAL2 can be achieved with 1 strong and 1 fair pieces of evidence. Is 1 strong/1fair acceptable in today’s environment or do we have to wait for rev 4 to be finalized? Should IAWG draft a proposed second supplement related to criteria 63#A0180?
- Motion by Jimmy Jung - Andrew to draft correspondence/supplement to NIST RE: bringing rev 4 (1 strong/1 fair evidence requirement for IAL2) to today’s rev. 3 world. Andrew Hughes seconds. Motion Passes. Discuss write-up at next IAWG call.
Andrew Hughes Draft correspondence/supplement to NIST RE: bringing rev 4 (1 strong/1 fair evidence requirement for IAL2) to today’s rev. 3 world. |
| Proposed S3A edits to enhance transparency (as proposed to ARB) | Jimmy Jung | Jimmy put forward a suggestion that we tune the template for S3A with the intention of better communication (to ARB/IAWG)--improve transparency related to systems/workflows Looking for cleaner document–is there a need? Lynzie-ARB likes the idea of Jimmy’s proposal and the idea of IAWG tackling this in a smaller taskforce (with ARB having final review and final publication rights) 17065 should be embedded in the S3A adjustment Yehoshua: the S3A should be mapped to the working spreadsheets Jimmy-would want to hear from UK guys as well (Amanda Connect UK Auditors with Jimmy)
|
| Proposed 63A#0180 Revisions: 63A#0180 - proposed criteria adjustment (circulated by email 2024.04.06 by Richard Wilsher, attached for convenience) | | Hold until 2024.05.16 |
✅ Open Action items
Info |
---|
Action items may be created inline on any page. This block shows all open action items from all meeting notes. |
...