Versions Compared

Old Version 4

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Quorum: As of 2019-12-19, quorum is 3 of 5. There was quorum


Agenda

 

  1. Administration:
    1. Roll Call
    2. Agenda Confirmation
    3. Action Item Review: action item list
    4. Minutes approval 2020-08-06 DRAFT Minutes
    5. Staff reports and updates - Director's Corner 
    6. LC reports and updates
    7. Call for Tweet-worthy items to feed (@KantaraNews)
    8. Discussion
  2. Approve Revised Glossary & Overview - available at the wiki HERE

a.Review Statement of Criteria Applicability (SoCA) templates - available at the wiki HERE 

b. Review and Comment on the eIDAS Regulation - See EC Public Consultation 

     3. AoB 



Minutes Approval

2020-08-06 Minutes were approved by motion. Moved: Martin Smith; Seconded: Richard Wilsher. Unanimous Approval.

...

Staff reports and updates - Director's Corner 

  • OMC ONC asked for a five minutes presentation on Kantara and they specified the points they wanted to be presented.
  • The Future Identity Council is a new organization coming to Kantara headed by Gail Hodges (ex-Apple) that works in the non-profit space. She is very well connected and has this notion that the mDL developing in the US is ultimately going to become a co-identity authenticator. In addition, she is seeking all parties to come and support that.
  • Martin commented about Tom Jones’ Draft that the idea of certifying applications suitable for Healthcare, Identity services and that is of particular interest to this group because it will imply development of criteria to implement that. He would like to see IAWG HIAWG suggesting a distinction between record matching vs patient identifiers.
  • ED said that if there is interest, Tom’s Draft should be shared.
  • Tom Tom shared the core document behind the healthcare profile with IAWG, https://wiki.idesg.org/wiki/index.php/Trustworthy_Healthcare_Ecosystem#Full_Title. He commented that Katherine was a major contribution contributor to the document, he explained they had worked together. It is waiting for approval from IAWG HIAWG to be sent to the OMCONC. The idea with Kantara Educational Foundation was to put together a plan to get funding to do the work for compliance of mobile apps and healthcare.Martin mentioned that from the point of saying how it could be picked up a different focus assessment criterion process and whether that would be IAWG or a different group, it is a piece of work.
  • Tom stressed that the point is to get funding and then, work can continue.
  • Richard asked if it is going to be all put together in one framework. Tom said it could be done.

...

Motion: To Approve Revised Glossary & Overview.

Moved: Martin Smith; Seconded: Mark Hapner. Unanimous Approval.

...

Review Statement of Criteria Applicability (SoCA) templates 

  • Richard explained that the requirements for this arise from the ARB wanting to have something which states emphatically which of the criteria from any applicable SAC expecting to be conformed to. Therefore, what they want to see is a statement of criteria applicability (the SoCA) which has a determination against every criterion as to whether is applicable. The requirements for this and the explicit terms to be used, are defined in the Service Assessment Approval Handbook. Now the Applicability column in the document is next to what the tag of the criteria is.
  • Richard commented that the CO-SAC and OP-SAC were changed into the same format as 63 a) b) c) A B C in Excel.
  • He also explained that in the document in bold are shown any increasing rigor.
  • He clarified that it is important for the IAWG to consider that there is no IAL 1 IAL1 criteria for xAL, there is no assessment at level 1.
  • Richard asked if IAWG is happy with moving forward with this as the primary source of the criteria instead of the Word Document. It was asked if it was allowed self-attestation at level 1. 
  • Richard proposed to have simpler tags on the document. It was agreed.
  • He also commented that in the Word version there is a lot more text, his idea is to take all the useful text out of the Word version and produce a new document, in there it will be added guidance for using the Excel spreadsheet.
  • It was commented that the guidance and how to use the spreadsheet is a valuable document.
  • It was proposed to change the word ‘document’ into ‘spreadsheet’.
  • Richard said that the IAWG needs to approve the CO-SAC and OP-SAC in the Excel form. However, since none of the requirements changed, it does not need to go on five days reviewto Public Comment. It would allow it to be published.
  • Richard asked if it could be approved.
  • Ruth responded that it is needed ARB input.
  • It was added that it has to be made the recommendation that it does not need the 45 days review and have LC approve it. Ruth explained it is just for the Assurance Program.
  • Ruth also made clear that IAWG approves it and then if ARB needs some changes, Richard has to consider those. However, given that this is a link to SACs, Richard thought that the authority to approve this was the IAWG.

 

  • Ruth suggested to send the SoCA template for ARB input.

Motion: To approve CO-SAC and OP-SAC in Excel form as presented subject to the tags being optimized.

...

Review and Comment on the eIDAS Regulation

 

  • Mark said that the first point is the bureaucratic one. He commented King commented that he signed as a non-voting member for political reasons, now bureaucratically it would be appropriate for him to change to voting member so he could second motions, etc. The Chair accepted the request.
  • He remarked he wrote an email about eIDAS Regulation with some thoughts and comments on that. It is in two different parts; one is Identity which is actually restricted in a very narrowed area, the second is the Trust Services and the rules. How things are assessed are important in that.
  • It was asked when said that the deadline for comments is.Mark said it is October 2nd. 
  • Martin asked if it applies only to RPs that are public services. Mark K. said that it does at the moment. He added that in relation to liability in the public sector, they have full acceptance on taking it.
  • It was concluded that IAWG has to work with Mark K. to develop some comments in a future meeting.
  • Next meeting was scheduled in two more weeks, August 27th.

...