Kantara Initiative Identity Assurance WG Teleconference
Table of Contents | ||||||||
---|---|---|---|---|---|---|---|---|
|
Info |
---|
TEMPLATE DRAFT Meeting Minutes - IAWG approval required |
...
- Administration:
- Roll Call
- Agenda Confirmation
- Minutes approval: DRAFT IAWG Meeting Minutes 2013-09-5
- Action Item Review
- Staff reports and updates
- LC reports and updates
- Call for Tweet-worthy items to feed (@KantaraNews or #kantara)
- Discussion
- Charter Refresh (continuation)
- Status update: Glossary
- Status update: Resilient Networks
- Status update: Call for comments on ISO 29003 draft clauses
- AOB
- Adjourn
Attendees
Link to IAWG Roster
As of 1 July 2013, quorum is 5 of 9
Info |
---|
Meeting achieved quorum |
Voting
Non-Voting
Staff
- None
Apologies
...
- Scott Shorter
- Matt Thompson
- Rich Furr (V-C)
- Cathy Tilton
- Myisha Frazier-McElveen
...
- (
...
- C)
- Andrew Hughes (S)
...
...
...
Non-Voting
...
- Terry Gold
- Ken Dagg
- Linda Goettler
- Helen Hill
- Jeff Stollman
- Kim WHite
- Colin Wallis
...
- Peter Alterman
Staff
- None
Apologies
- Bill Braithwaite
- Richard Wilsher
Notes & Minutes
Administration
...
Motion to approve minutes of 2013/09/05: Rich Furr
Seconded: Matt Thompson
Discussion: None
Motion Passed | Passed with amendments | DefeatedPassed
Action Item Review
See running table below
...
LC Updates
- None this week - holding an off-cycle call 18 September to get Charter update statuses
Participant updates
- None this week
Discussion
Charter Refresh
The current working version of the Value statement is:
"Kantara exists to develop and/or operate rules for operators of online services, enabling verification of the trust layer providing high-value, privacy-preserving identity and access."
Discussion 12 September 2013:
Reviewed updated draft
- General agreement that 2 Vice Chairs would be preferable - one technology, one policy
- "As IAF improves, users of IAF see potential reduction in identity related fraud risk"
- Look for synergy between IAWG and HIAWG work on multi-TF harmonization
- CSP point of view - forum for influencing the IAF to meet market requirements. Measurable set of criteria to build systems and proceses and policies against.
- Assessors: Standardization of assessment processes. Forum for influencing IAF toward more streamlined and standardized.
- CSP Customers: IAF allows CSP to assure and customers to be more confident in trust worthiness of services
- Assessor Customers: Assessed entities risk of weak implementation of services is reduced.
- As a discussion forum: IAWG gives an opportunity to work with assessors and Kantara resources to help understand the Approval processes and requirements
- As a discussion forum: IAWG is essential for understanding the overall Approval processes - on ramping new entities getting into Trust Frameworks
- Scope: include 'edit/author the IAF itself
- Scope: Engaging other parts of Kantara to improve the IAF/expert knowledge
- Out of Scope: looks fine
- Question: if an Applicant has technology that is not described in 800-63, how does Kantara deal with evaluation of equivalency.
- If going for FICAM approval, need to be assessed against the FICAM Technical profile - that's where the risk assessment of the technology must happen
- For non-FICAM - the analysis by Kantara is appropriate. Perhaps the Federation Interoperability group would be the place for technical evaluation discussions for non-FICAM approvals
- IAWG could contribute to a Report that does an analysis of the technology from a policy perspective - would need other WGs to contribute from a technology evaluation perspective.
- Technology agnostic: add "to the extent possible"
- ACTION: Andrew to update Charter working drafts
Discussion 5 September 2013:
These bullets are instructions to the draft charter editor - they will be reflected in the working copy at IAWG charter refresh draft (fall 2013) - with comments
...
- Need to include roles and responsibilities division between ARB and IAWG and LC for the IAF processes
- Where does execution of processes for certification of credential providers live?
- Joni planning a "Leadership deck" to help chairs to understand processes and their execution
- Many of these processes are already defined in the Kantara Operating Procedures
- Need to reflect the firming up of the distinction between Kantara's Service Operations versus Kantara's Innovation divisions
- IAWG should be confirmed as the Subject Matter Expert pool that the ARB can draw on
- ARB is the operational arm of the IAF
- ARB is not refreshing their charter at this time
- Stronger language needed in charter to keep IAF documents up to date
- Difficult to keep document set current due to the nature of the documents. Focus in necessarily on the SAC.
- Need to focus on low barriers to adoption and consumability by entities wishing to seek Approval - should not have to rely on experts to do basic interpretation of documents
- Further discussion needed to examine current IAF document set structure, areas needing refresh and perhaps extraction of non-core information.
Status update: Glossary
...
- See action items
Status update: Resilient Networks
...
- No new information at this time
Status update: Comments for ISO 29003 draft
...
- Scott thanks the IAWG for their feedback and comments on the drafts - they are being incorporated as appropriate
AOB
Action Items
Item # | Description | Assigned to | Est. Completion | Status |
---|---|---|---|---|
2013-06-06-005 | IAWG-NIST F2F in DC area to discuss approach and feedback on 800-63 v IAF analysis approach (2013-Aug-1): Comment that perhaps ICAM should be invited as well. | Staff / IAWG Leads | TBD | Not started |
2013-06-13-001 | Chair to discuss with Exec. Director the need for a Content Management System analysis and potential tool for IAF/SAC & funding options
| Myisha Frasier-McElveen | September 2013 | In progress |
2013-06-13-002 | Glossary updates underway. Next draft should be available in 4 weeks
| Ken Dagg | Updated:12 Sept 2013 | In Progress |
2013-08-1-002 | Forward Ticket items that have been resolved to correct lists for next action.
| Andrew Hughes | 8 August 2013 | In Progress |
2013-09-12-001 | Charter redraft work item
| Andrew Hughes | 19 September 2013 | In Progress |
2013-09-12-002 | Status update on Resilient Networks work item
| Myisha Frasier-McElveen | 19 September 2013 | In Progress |
Recently Closed Action Items
...