Page Comparison

• Agenda for this month's Leadership Council call:
  - Member/Participant meeting on October 26 - what will we work on?
  - Reminder to update/re-confirm charters and leadership elections
  - Need to fill one seat to join Ken Dagg to represent Members on the Kantara Board - must be an active Chair/Vice
  - Your workplans for 2019 - what will your Group deliver?
• Upcoming conferences and speaking proposals
• AOB

Draft minutes for approval:

2018-04-25 Meeting notes DRAFT

2018-03-21 Meeting notes DRAFT

2018-02-21 Meeting notes DRAFT

2018-01-17 Meeting notes DRAFT

2017-12-20 Meeting notes DRAFT

2017-11-15 Meeting notes DRAFT

2017-10-18 Meeting notes DRAFT

2017-08-16 Meeting Notes DRAFT

2017-05-17 Meeting Notes DRAFT

2017-03-15 Meeting Notes DRAFT

2017-01-18 Meeting Notes DRAFT

"To approve listed meeting minutes"

Motion by:

Second:

Discussion:

Result:

Director's Corner: 2018: August

Keeping up with Kantara: 'Keep up with the Kantarians' email blasts

• August revenues are up this year (yay!)

• Lots of inquiries on all things Kantara
  • Assurance program, H2020 bid, and other work group work

The Kantara Initiative is the global consortium improving trustworthy use of identity and personal data through innovation, standardization and good practice.

From 2018-08 call:

• 3 hours in San Francisco, Friday after IIW
• Discussion about requirements for data porting from one provider to another - possibly in reaction to the "Data Portability Project" of Google/MS/Twitter/others
• Scott Ferman - responsible for the Forgerock Demo platform - a 'real' UMAnitarian - might be interested in attending. Also someone from Eve's team.
• Maybe UMA interop for conformance testing? (Gluu, Forgerock, WSO2, KeyCloak, other HEART/Healthcare-focused)
• Possibly Consent Receipt topics (next version of schema, develop next demo)
• Graph models for relationship expression? UMA business relationship graphs/design patterns?
• Colin has opened registration for the October 26 2018 event
  • ACTION: Andrew to create an agenda for the Plenary & share it

2018-09-19 call:

• Possible "Personal Information Protection Company" (PIPC) pilot discussion (David Thelander)
• A joint WG piece of work
• Discussion on how to align or unify WG activities
• Discussion on a "Product Roadmap" for 'Consent'
• Assurance: roadmap discussion on IAF, IDEF, Privacy assurance
  • e.g. a new DG about how IAF and IDEF inter-relate
  • How to engage with Consumer Reports (Privacy & Security ratings)
  • Evolution/roadmap of conformity assessment program
  • The IDEF charter looks very broad
• Conformance testing
  
  • Gluu has done some interop testing with KeyCloak - very useful
  • Gluu is reaching out to WSO2 who is now out of beta
  • Eve anticipates that more 1:1 matrix testing will occur in 2018 - leading to more formal testing program in 2019
  • (sidebar) Korea / KISA is interested in UMA conformance testing - we need to find out what deployments exist

• The "Blinding Identity" taxonomy sounds like a good idea - keep talking about it.
• Q: Is the IDESG Privacy committee intending to startup in Kantara? Other committees?

• For example - for the Consent Receipt spec, CIS WG decided to do the CR Interop Demo at MyData in Helsinki. It's a forcing function to get products to include code to generate, consume and otherwise 'deal with' consent receipts
• Data interchange between 'wallets'?
• From the UMA Charter:
  
  • To promote UMA adoption
    • For example, by offering support for profiling and extension creation and creating educational materials
  • To promote interoperability of independent implementations of UMA
  • Vendors are starting to implement - tech interop will have to happen
  • Deepening the usage patterns for UMA - ongoing
  • Consider developing specific extensions for specific use cases (e.g. sector-oriented/'verticals' profiles like for HEART) - also looking at 'horizontal' profiles. e.g. enterprise case where enterprise access rules override the RS Owner's policy direction
  • Gluu: scope expressions
  • Possible interaction with Rebooting Web of Trust community for Decentralized Identifiers? There are at least 3 interaction points where UMA could intersect with DIDs. e.g. HIE of One.
  • OAuth authorization endpoint, Claims authorization endpoint might be intersections with DIDs
  • Jarrod Hansen's (Auth0) Identiverse talk - API Authorization proposal - big opportunity if we can engage him - passport.js

Administrative Reminders/Requests: Please ensure your WG and DG charters are reasonably current. These are supposed to be reviewed annually.

IRM WG -

OTTO WG -

UMA WG - 

BSC DG -

IA WG -

CIS WG -

Consent Solutions WG -

eGov WG -

FI WG -

IDoT DG-

• Andrew proposes to define a new type of Kantara publication: the 'Best Current Practice' Recommendation. This would follow the same intent as with IETF BCP documents. 
• Currently the publication type: 'Recommendation' has sub-types of 'Recommendation' and 'Technical Specification'. The 'Best Current Practice' would become a third sub-type.
  

  "The BCP subseries of the RFC series is designed to be a way to standardize practices and the results of community deliberations.  

  A BCP document is subject to the same basic set of procedures as standards track documents and thus is a vehicle by which the IETF 

  community can define and ratify the community's best current thinking on a statement of principle or on what is believed to be the 

  best way to perform some operations or IETF process function."

  Ref: IETF BCP 9

Please take a moment to review the list of action items and do your best to take action.

Operating Procedures are being updated to match the current version of Bylaws. Some streamlining and addition of document publication procedures is being done as well.

New boilerplate templates for email ballots are being created.

List of future events on KantaraInitiative.org