...
- The xAL3 SACs will go as a package for 45-day Public Comment and IPR Review. The notice will be released tomorrow.
- Tom Jones made a comment on the criterion 63B §4, it seems to say you cannot have IAL3 w/ without AAL2 and he believes that wasn't the intent of 63-3. He suggested to re-write it as "THE CSP SHALL assure that the authenticator will not report an AAL higher than the IAL". It was agreed to address this comment on the 45-day Disposition of Comments. Also, it was agreed to provide input to NIST for Rev.4 on that criteriacriterion.
Kantara comments on how SP 800-63-3 could be revised for NIST’s consideration in developing Revision 4
- Ken walked the group through the comments and suggestions that have been received to date. See: Kantara Comments for Rev.4
- Andrew shared more comments which Ken will add to the Kantara input to NIST, see Kantara Initiative Mail - [WG-IDAssurance] 800-63-3 comments.pdf
- Ken will add to the submission a cover letter explaining how the Kantara generated the comments (based on line numbers etc).
- Ken plan He plans to submit the comments to NIST during the weekend as the deadline is Monday, August 10.
- The group agreed on the comments provided to date and asked Ken to add Andrew's comments and the one about 63B §4.
Review and approve the Revised Glossary & Overview
- Further review and The Glossary approval was deferred for next week.
...
- Ken said that depending on the progress we make with the urgent items, the group would be able to generate comments, but he see it may be difficult to meet the 20th deadline.
- Link to DIACC request for comments: https://diacc.ca/2020/07/20/assessment-infrastructure-technology-operations-draft-recommendations/
...