Hello everyone
...
As we begin what may turn out to be a history-making tumultuous first full week in OctoberNovember, I'm finding it quite calming and satisfying to reflect on the month just past.
Kantara's slew of announcements in September continued into October. Kantara's conformity assessment, assurance, approval and Trust Mark program continues to draw draw global recognition, largely reflected in the new members joining last month - Exostar, Mastercard International, Oxyliom Solutions from the EMEA and the US Federal Government's GSA. The latter's rejoining provided a useful platform to launch a regular call cadence amongst reps representatives from the Australian, NZ and US agency members of Kantara that operate government-run digital identity services. Such indicators, along with the recent Kantara - SAFE Identity press announcement to cross-recognize each other's Trust Marks at full service equivalencyequivalency for new approvals going forward, are early signs of maturation of the digital identity ecosystem and hopefully the sunset on the 'gold rush' phase that has thwarted it in recent years.
The supreme (largely volunteer) efforts of the Identity Assurance Working Group to develop the assessment criteria as well as the Assurance Review Board that govern the scheme, are both foundational to the operation of the the Trust Framework and deserve a special mention here. It was great to see the successful All-Member-Ballot approving the 63C and level 3's of the Kantara NIST SP 800-63-3 Digital Identity Guidelines criteria (IAF Major Release) with the support of ID.me that underwrote the costs of the technical editor. Kantara's community oriented, transparent and cost-free Working Work & Discussion Groups - Identity Assurance, Health Identity Assurance, Privacy & Identity mDL to support ISO 18013-5, Federation Federated Identifiers for Resilient Ecosystems (FIRE), Federation Interop, Information Sharing Interop and UMA -
I do think, however, that there is an emerging pattern. Kantara has a highly reputable, globally recognized assurance program for accrediting assessors and approving that applicant service providers' solutions are conformant with a given standard - NIST SP 800-63-3 being most sought after in recent times. COVID-19 has put the spotlight on the need for more digital interaction with government by its citizens and with consumers more broadly. Digital identity is fundamental to addressing those interactions, especially if they are higher risk transactions for payments etc from Government. Ergo, public sector interest in Kantara. That's my theory anyway, but I'd welcome your view! This circle of interdependence is something that the Board recognizes too, as members will see in the next couple of months when its review, and refresh, of Kantara's strategic direction and priorities are presented for wider review and comment.
Remember also that Kantara is structured so as to enable its community working groups and discussion groups to act as the steward for the frameworks and associated assessment criteria for conformance to standards within those frameworks. While not all projects, from all groups, lean this way, when they do, great synergy can be achieved. For example, the IAWG, which is comprised of experts from the private, public and Higher Education sectors as well as individuals and accredited assessors, develop the assessment criteria for Kantara’s Identity Assurance Program. Alongside developing submissions to requests for contributions on digital identity-related matters as part of Kantara’s global civic duty, IAWG also develops the assessment criteria needed for the accredited assessors to consistently assess and report their findings on applicant service provider solutions.
Toward these dual ends, the IAWG has had a huge few months. Firstly, in relation to NIST SP 800-63-3, the IAWG developed criteria for 63C (FAL2 and FAL3), as well as the level 3 criteria for 63A (IAL3) and 63B (AAL3) that are coming to the end of their All Member Ballot period. Thanks to ID.ME for its sponsorship of this effort. (NOTE BENE: If you are the primary representative of your organization, or an individual member, please do your duty to the community by abiding by the email sent to you and casting your vote on this important work). Secondly, last week the IAWG completed and submitted its input to the open public consultation on the European Union's eIDAS regulation. Some of the response was submitted as a response to an online questionnaire (which we can't link to) but our additional responses in support of the online questionnaire is here. Thank you individual contributor member Mark King for leading the active, and animated discussion at meetings and on the list regarding this, and to Staff (Ruth) who took it on the final path to submission.
I'm pleased to announce that material progress had been made on the long-waited Kantara mDL Discussion Group. Kantara Individual Contributor member John Wunderlich successfully proposed a Charter to the Leadership Council. This DG - actually called the 'Privacy & Identity Protection in mobile driving license ecosystems' , the PImDL DG - will focus on rounding out the ISO 18013-5 mDL standard's privacy and security recommendations in Annex E.
While Kantara Europe remains very busy with coaching existing NGI_Trust projects, Kantara Initiative Education Foundation reached a milestone by submitting its first ever grant funding application to one of the US DHS grant funding programs, arising out of the FIRE WG. Our thanks to individual contributor members Sal D'Agostino and Tom Jones for the heavy lifting on this.
I could not sign off on this blog without particular mention of Kantara's announcement last week that Kantara and SAFE Identity have entered into a non financial, non exclusive agreement to co-market and recognize each others non-PKI and PKI Trust Marks respectively where reciprocity exists. This news is not only foundational for the organizations themselves but also profound for the industry. For as many years as I have been in this industry (over 15 years now), I have seen continuous fragmentation and 'gold rush' self interest prevail. Collaboration amongst competitors, when it did happen, was usually around standardization and development of best practice in the neutral venues such as Kantara or standards setting organizations that suit multiple parties objectives. The Kantara-SAFE collaboration is a major change. By recognizing and respecting each organizations' strengths and capabilities we both have recognized that complementing rather than competing is a rational approach. To me it signals - at last! - that this industry is capable of removing friction for the betterment of its stakeholders and consumers and that we are here, in this ecosystem, to serve. all play, beyond the great outputs they achieve in their own right (here's a great recent example from the FIRE WG - Mobile Authentication Assurance Statement), an important role as feeders into Kantara's Trust scheme. And behind the Work & Discussion Groups, stands the grant funding vehicles of the Kantara Foundation and Kantara Europe to seek and operate Applied R&D projects.
Looking forward to this month, November, members will see emails on various matters as we prepare for 2021, starting with a heads-up on what's to come. The Annual General Meeting is coming up at the end of the month where President Matt will share the strategy work that the Board has been focussed on in recent months to seek your feedback, and the Work and Discussion Group Chairs will share the results of their efforts and work plans for next year. There will be a call for nominations for the two Directors at Large positions for 2021 from the general organization membership, and a sneak peek at a new 'view' of our membership, spread across the world as it is. Finally, there's a reward for members' support this year with complimentary VIP Guest Passes to an upcoming event.
Speaking of members' support, thank you so much to the following organizations and individuals that have renewed recently: GakuNin (Japan), Easy Dynamics Corp (USA), Airside (USA) and Individual Contributors Lorrayne Auld, Ian Glazer, and Sal D'Agostino.
For me personally too, November is busy, as the 2020 (now virtual) conference season draws to a close. I will be a panelist at Think Digital Identity for Government and moderator and multiple panelist at Identity Week. Never being one to hold back what I really think on digital identity related topics, please join the fun at these events!
Onwards!
Kind regards,
Colin
...
Follow us online: https://twitter.com/KantaraNews and https://twitter.com/UMAWG and https://twitter.com/KantaraCISWG.
- Miss something? See our press releases here.
Want to start a Kantara local chapter in your town? We are happy to help. Just Contact us.
Program, Work Group and Discussion Group Updates:
You can always keep up with the latest news from the Work and Discussion Groups directly on the Leadership Council's Blog. See the list of public groups here.
...