Membership Restructure changes to take effect January 4, 2018
Publications: The following 7 and earlier publications were downloaded over 700 times - demonstrably proving Kantara's contribution to the global identity and personal data communities - members and non members.
UMA 2.0 finished development and just completed its 2nd 45-day IPR & public review before minor edits and official publication.
Consent Receipt v1.0 was published, v1.1 developed completed and is nearing the end of its 45-day IPR & public review period, with official publication in March.
SAML V2.0 Implementation Profile for Federation Interoperabilityfinishedand completes its 2nd 45-day IPR & public review on January 1st, superseding the eGovernment Implementation Profile V2.0 of 2011.
Report completed by the eGov Working Group on the 'Code of Conduct for Relying Parties for services to Government' is being prepared for official publication.
Report completed and published by the IRM Working Group on 'Refining the Design Principles of Identity Relationship Management', building on implementation experience from the original report a year or so earlier with a similar name.
Report completed and published from the Blockchain and Smart Contracts Discussion Group. Here is a quote from a large US federal agency employee. "It was a pleasure to read, both well written and informative. (I’ve been reading a lot of BAD blockchain papers and articles lately;-)). The discussion of Smart Contracts is the best I’ve read. I’m going to pass it around to try to counter all the crazy Smart Contracts will solve all our problems talk going around the [entity redacted ] right now".
Kantara's Service Assessment Criteria for 800-63-3 at IAL2 & AAL2 for future conformity assessment developed and currently out for 45-day IPR & public review.
LC Chair Report
The Kantara Initiative is the global consortium improving trustworthy use of identity and personal data through innovation, standardization and good practice.
Corporate members needed - membership dues offset operational costs and allow the Groups to operate with a 'No-Fee' participation structure.
Continues to be very strong interest in Consent management and Consent receipt
New Consent Management Solutions WG has been launched. Collecting Participants now - first meeting mid-January.
New Business
WG/DG Updates
Administrative Reminders/Requests: Please ensure your WG and DG charters are reasonably current. These are supposed to be reviewed annually.
IRM WG - WG discussing what the next Publication topic will be
OTTO WG - OTTO v1 spec under development. Adding budget for developer in 2018
UMA WG -
UMA v2 All member Ballot now closed - 29 yes, 1 no (with comments)
WG is analysing and addressing the concerns - work has started on a threat model document
Comments are related to attack surface and mitigations
Once done, the 2 specs will be ready to publish - looks like January publication date
UMA v2 is now available for download
BSC DG - Report is now available for download
IA WG - Service Assessment Criteria to match NIST SP 800-63-3 are in Public Review until January 29 2018
CIS WG - Consent Receipt Specification v1.1 in Public Review until January 20 2018
eGov WG - LC Ballot
open to approve
closed - approval for publication of the report
FI WG -
Public review underway until January 1 2018
Has a disposition of comments been completed? next step is All member ballot
IDoT DG- ?What Report is being developed for publication?
Launching New WG/DG's
Work has started to draft a charter for a new Blockchain WG (Hardjono, Maler, others)
New publication type
Andrew proposes to define a new type of Kantara publication: the 'Best Current Practice' Recommendation. This would follow the same intent as with IETF BCP documents.
Currently the publication type: 'Recommendation' has sub-types of 'Recommendation' and 'Technical Specification'. The 'Best Current Practice' would become a third sub-type.
"The BCP subseries of the RFC series is designed to be a way to standardize practices and the results of community deliberations.
A BCP document is subject to the same basic set of procedures as standards track documents and thus is a vehicle by which the
IETF
IETF
community can define and ratify the community's best current thinking on a statement of principle or on what is believed to be
the
the
best way to perform some operations or IETF process function."
TIIME, Vienna Feb 5-8: A few of us going, no current plans to workshop (but we could), getting tight timewise to announce an EU Plenary there.
OWI, DC March 26-28. A few of us going, Kantara panel with Andrew, Id.me (Tracy Hulver), me, possibly Mary Hodder and/or Kaliya. If enough LC there could consider a plenary if enough interest.
IIW, MV, Tues April 3-5, No plans to sponsor, but ForgeRock has offered its offices on Friday 6th for F2F Board/LC and or Plenary if you want it.
RSA April
EIC, Munich May Tues 15-18, Pre-conf workshop confirmed for the morning of the 15th. Who will speak at it? I need to know today. Lots of us going and speaking at the main event.. Can do EU plenary on Monday 14th if you enough interest.
IPS (Kantara's first ever branded conference), London Tues May 22nd. Who can speak at it? (currently is Mark/Sal, Mike, Colin, Robin W, Allan F (Eve?). We can hold a UK Plenary on Monday or Wednesday if there is enough interest.. and I think there is already.
Identiverse, Sun June 24th - 27th, Boston. Community expo space secured for us @same deal as last year. Gluu already taken 1 of the 4 spots available. Was Cirrus, Gluu and ID.me last year. Could hold a plenary Sunday morning through mid afternoon if enough interest. Who has submitted speaking proposals?.. Eve, Andrew and I have.
Discussion
Topic
Discussion
2018 Plenaries
Kantara must start having regular in-person Plenaries
Probably Europe and North America
Spaced 4 months apart? 6 months apart?
Options?
Tack onto existing conferences?
Standalone event with sponsors?
Agenda
in-person WG meetings?
joint WG meetings?
"something to hack on" to draw people
opportunity for active participants to bring others from their company to see what is coming & value from Kantara
Possible dates
EIC Munich May 15
Pencil in for May 14 / Monday afternoon
No volunteers to lead the organizing of the event
2018 Group Plans
UMA 2018
2016 plans are now executed - longer than expected
Charter and roadmap discussion January 18
Joint Consent Receipt / UMA; Legal framework & business model; github issue around extensions
IAWG 2018
Discussion/Decision needed on which part of IAF/SAC update to do next
to happen after the 63-3 based updates are completed
Looking at other trust frameworks / new trust marks for new SACs
How to assist CSPs to transition from 63-2 to 63-3
OTTO 2018
More work to do for schema/vocabulary in JSON-LD; finishing up SAML/OIDC; re-edits needed for finalization
OTTO v1.0 is possible in 2018
Need strategies on adoption - work with a federation to use OTTO
CIS 2018
Possibilities: 'proof' of implementations via case study; interop testing/approaches; formalization of extensions to meet different regulatory requirements; formalization of profiling to constrain for 'community' implementation; more example for things like Purpose/Purpose categories; contribution to ISO
IRM 2018
"Relationships as a technique to look at ID Governance"; directory relationships; graph applications;