Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Attendees: 

Voting participants: Scott Shorter, Andrew Hughes, Ken Dagg, JJ Harkema, Denny Prvu, Mark Hapner.

Staff: Colin Wallis and Ruth Puente 

Non-voting participants: Jim Fenton


Updates: 

  • JJ Harkema is the Experian representative in the Board of Directors.
  • Staff is working on the GDPR project plan.
  • Consent Receipt:  http://iiw.idcommons.net/User-Controlled_GDPR_Consent_Cookie - led by LC Chair Andrew Hughes drew such interest that a hack day was created at MIT labs on April 26th to take the work further. 
  • May 14th. European Members Plenary.
  • Andrew Hughes represented Kantara at the ISO SC27 WG5 meetings in Wuhan China where Kantara's contributions to several standards in development, were tabled. He added that ISO standards related to identity proofing and assurance, risk management are under renewal. As he is one of the rapporteurs in the study group,  he intends to use the KI liaison WG to actively develop a response. He invited IAWG participants that are KI members to join the effort, so those who are interested should reach out Andrew, Ken or Colin. 


NIST 800-63-3 Implementation Guidance. 

  • Scott is adding more content to the Google Sheet. Also, Jose Lopez has added his comments. 


Comments on OMB policy draft 


  • Thursday May 3rd: Another draft to be review. Submit the comments to Ruth or add them directly to the Google Doc.

attribution removed and will go as Kantara comments and suggestions.


https://docs.google.com/document/d/1w94ZJLBSZsE9LwPKpsaGgyS5ZnRAGX2fEMe0-CPbAEM/edit?usp=sharing


See CW introduction.

Contradiction. Different interpretation of shared services.


It includes privacy and public


Jim Fenton: things like login.gov, a shared authentication provider. Public sector shared service.  There are places in the doc. Where it is encouraging the development of multiple id and authentication shared services in both private and public sector.

Ken assumed that Included private sector, such as as CSP. Private sector/CSPs  are considered to be shared services.

JF the gov is trying to have a more a privacy focus.


Now that the consolidation draft in Gdoc link:



3 comments:


1)   make sure the doc is structured in a way that equally encourage private and public sector id and authentication services.

2)   Responsibilities to GSA control system in item 6. Physical access control system.  It probably need to be removed, physical access control. It needs to say something more than access control because it can´t rely on 800-63-3 for that.

3)   DHS support to that Program as well. CDM program Continuous Diagnostics and Mitigation.

4)     Agency Adoption of ICAM Shared Solutions and Services

  • No labels