Versions Compared

Old Version 7

changes.mady.by.user Martin Smith

Saved on

compared with

New Version 8

changes.mady.by.user Martin Smith

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Voting Participants: Ken Dagg, Martin Smith, Richard Wilsher, Mark Hapner, Mark King

Non-voting participants: Jimmy Jung, Jeremy Haines PradeepHaynes, Pradheep Sampath, Rohan Pinta Pinto , Roger Quint, Blake Hall, Pete Eskew, Eric Thompson

Staff: Kay Chopard,  Ruth Puente

Quorum: There was quorum.

Agenda:

  1. Administration:
    1. Roll Call
    2. Agenda Confirmation
    3. Minute approval (DRAFT minutes of 2021-06-03)
    4. Staff reports and updates
    5. LC reports and updates
    6. Call for Tweet-worthy items to feed (@KantaraNews)
  2. Discussion
    1. Consideration of 'comparable alternatives' - See: https://groups.google.com/g/idassurance/c/GIGLjValdg4
    2. Australian Digital Identity Legislation Consultation Phase 2 - See: Public consultation on Australia’s Digital Identity legislation
    3. Proposal for a Regulation of the European Parliament and of the Council amending Regulation (EU) No 910/2014 as regards establishing a framework for a European Digital Identity. See: https://digital-strategy.ec.europa.eu/en/library/trusted-and-secure-european-e-id-regulation
    4. d. Component Service Consumer criteria.

...

Chair comments: Ken welcomed the new Kantara Executive Director (ED), Kay Chopard, and invited her to introduce herself. Kay said she is very impressed with the variety of important work being done in Kantara and specifically in the IAWG, citing today's full agenda as an example. She has so far been fully occupied with learning how Kantara operates and meeting people in Kantara and from other organizations interested in working with us, but she looks forward to contributing to the substantive work very soon. She called out particularly the assistance Ruth Puentes Puente has been providing to support a quick and smooth transition.  She invited meeting participants to reach out to her at kay@kantarainitiative.org.  

...

Staff reports and updates: Ruth Puentes Puente reported that the assessment program is quite active and she anticipates approval of 4 or five new SPs over the next two months. 

...

Consideration of 'comparable alternatives' - See: https://groups.google.com/g/idassurance/c/GIGLjValdg4

Ken asked Richard Wilshire Wilsher to introduce the topic and provide background. Richard reported that a US Federal agency has asked how Kantara would handle its using a CSP implementing a "compatible alternative" to the IA controls included in 800-63-3.  He said Sec 5.4. does allow US Federal agencies to use "comparable alternatives" and provides some guidance on how that would be done. Richard suggested that KI might perform an assessment of a service that used an alternative control, but he feels that Kantara can't take on determination of what is  "comparable." He shared draft language for an approach to this issue Kantara might take. Richard further reported discussion of this issue with David Temoshok of NIST. He said David strongly discouraged KI involvement in assessing these alternative controls; he further believes use of such alternatives would only be appropriate to address a use-case unique to one agency. and that sign-off for use of an alternative control would have to be made at the agency executive level, i.e., by the CIO.  

...

Roger Quint said the question is: what are we rtying trying to accomplish?  Are we devleoping developing a general strategy for addressing special cases?  He said Kantara should avoid getting in the middle of hard determinations. 

...