Versions Compared

Old Version 7

changes.mady.by.user Former user

Saved on

compared with

New Version 8

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Ken mentioned that the LC meeting is next week.
  • Ken said that MDL mDL is moving forward at some point into a Work Group.
  • ED pointed out that the Secure Technology Alliance has been taking the lead on advancing the course of mDL in the US specifically. There has been significant help from Kantara with the preparation of the white paper, now they are preparing a series of webinars to highlight aspects of the white paper that they released a couple of months ago. At this point it is webinar 3, Kantara is pretty much taking that whole thing. Matt Thompson is giving an overview of the perspectives around Trust and Privacy in this area. The second speaker probably is Andrew Hughes, he will be talking about what the Identity Assurance Framework does and how potentially it could have a Conformity Assessment for mDL. It was said that the the STA webinar, “Privacy & Trust in the mDL Ecosystem” will be held Thursday, June 25 at 1pm ET/10am PT. Registration is available at https://securetechalliance.webex.com/securetechalliance/onstage/g.php?MTID=e966db1bd86f0be6d86fe10fc09ed171b.

...

  • ED mentioned he has been discussing with Leadership Council and the Working Group Chairs on furthering a webinar summer seriesWebinar Summer Series, to do them over the course of July. It would be nice that the IAWG can step up to lead one of these, Ruth is going to be leading one specifically on the Trust Framework Assurance Program.

...

  • Ken explained that as a result of the work that the ARB has done, the Service Assessment Handbook has been revised. Richard Wilsher was the main editor behind it and as a result of that work, some terms came up and had to be added to the Glossary Overview.
  • Richard added that what they are asking for, is a review of those terms that have been revised or introduced and to identify any problems with the scope of the definition. It is important to understand that it cannot be used another term unless that term has already been defined.
  • Comments have to be added in the Comment’s sheet that Richard provided. Ruth added that she posted on the chat the instructions and the Comment’s sheet that Richard provided.provided Call for comment: Revised Glossary terms
  • Tom commented that there is one term in there “Credential Management” he has doubts about, he has not seen it in the 800-63 document. Is it part of the group scope? Or is it linked in some other way? Richard explained that there is a broader scope than just the 800-63, the Glossary addresses everything within the Identity Assurance Framework. Tom asked if it was intentionally included complaints management as part of the scope of the group. Ken and Richard answered yes. Richard said that having gone through proofing and then bound to an Identity, thus to a credential, credentials need to be managed, to be revoked or renewed and they may need to be destroyed at some point. Tom argued he has a problem with the idea of a Credential Service Provider maintaining information about users. Richard stressed that someone has to revoke the credentials, Tom said he disagrees this is a function of the Credential Service Provider.
  • Tom continued saying that in an online world you do online certificate validation, probably revocation is the wrong term; and online validation probably is the right term. It was argued that it is not that revocation is wrong, to the contrary, both would be necessary.
  • Ken suggested to move this discussion as a discussion point for next meeting, so a further analysis can be done.

...

  • Ken commented that the IAWG will start coordinating this submission of the comments for NIST. 
  • NIST Deadline for Comments: August 10, 2020


2.Update on xAL3 Sub-group, which is preparing new criteria for each of 63A/63B/63C_SAC, for IAL3, AAL3 and FAL3 respectively:

...