...
- Ken has walked the group through each of the initial comments he added here DIACC-Comment-Submission-Spreadsheet-Verified-Organization-ENG KD (1).xlsx
- Ken was disappointed with the amount of editorial mistakes on the text.
It was commented that it's critical that when we are doing business, the organization we are making a transaction with be a verified organization. The main goal is to have process in place to ensure that federation networks are accountable and reliable and that exists and can be collected.
- Ken said that on the Privacy related ones, they must identify a valid reason for collecting information and get the proper consent. Richard asked if it's exclusively for the purposes of identity proofing. Ken confirmed yes. Richard stated that 63-3 provision on that says that we only should collect only information to uniquely establish the identity.
- Martin asked what aspect DUNS does not cover. Richard added that it's not a guaranteed source. Martin clarified it's a British entity. Ken will investigate about DUNS Registry.
- The participants agreed with the comments and asked Ken to submit them to DIACC.
- Ken asked if some of the these PTCF criteria can be included in the Kantara IAF. Richard, answered affirmative but he suggested to wait for DIACC to refine the text and then explore its adoption.
- Ken pointed out that PCTF could be another KI class of approval. Richard added that we could extend the range of criteria in the CO-SAC, which will affect Classic and 800-63 rev.3, but it won't solve the Canadian requirements. Therefore, Richard supports Ken's suggestion that the better path would be to create a new class of approval with the Canadian full set of criteria.