Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 25 Next »

Attendees:

Voting Participants: Mark King, Mark Hapner, Richard Wilsher, Ken Dagg.

Non-voting participants: Eric Thompson, Jimmy Jung, Adam Cooper

Staff: Colin Wallis, Ruth Puente

Quorum: 3 out of 5. There was quorum.


Agenda


1.Administration:
a.Roll Call
b.Agenda Confirmation
c.Minutes Approval 2021-04-04 DRAFT Minutes

2. Discussion

a. Review Final Comments NISTIR 8344 (Ontology for Authentication) 

b. Review criteria related to component service consumers.  
c. NIST open discussion issues in light of SP 800-63 rev.4.

3. Any Other Business


Minutes Approval

2021-04-01 Minutes were approved by motion. Moved:  Mark King. Seconded: Mark Hapner. Unanimous Approval. 


Review Final Comments NISTIR 8344 (Ontology for Authentication) 

  • Ken commented that he updated the draft with the inputs provided on April 4th, including: purpose of this document; what does it contribute to?; What does it establish a foundation for?; key terms that are missing and we propose some definitions of those terms relating them to standard sources ISO standards and the Oxford dictionary; undefined terms; the relationships between those terms; what it's trust; what is risk, how do they relate to each other?; clarification requests on examples; suggestion to present the terms in a relational order rather than alphabetical. 
  • IAWG approved the final comments, available at https://docs.google.com/document/d/1jswnFEpl1kvNmUAYBFa3MMjNXBam2BkYhE3FqbANOKQ/edit?usp=sharing
  • Ruth will submit the IAWG Comments to NIST on the 9th. 


Responses to UK questions 

  • Comments are being developed here: https://docs.google.com/document/d/103q3NrG31j3dalW3X3UuS_jj8_hWbmXEPSNRSHWlOHA/edit?usp=sharing
  • Ken said that the key comments are in relation to Question 7,  interaction between trust marked organisations and non trust marked organisations. Points made the participants:  KI highly recommends that services are trust marked rather than organisations, which would allow an organisation to offer trust marked and non trust marked services. As well as services with different trust marks are variations of trust marks according to the criteria that the service is assessed against.  The group will take direction from the CO_SAC KIAF 1410 to answer the question, "External Services and Components" section, criteria CO#0320 and CO#0330.
  • The other point made was regarding the question about anti-money laundering requirements.
  • International interoperability approach should be added. 


Review criteria related to component service consumers

  • Further revisions were made to the OP_SAC regarding subject focused criteria; Richard Wilsher has been updating the document accordingly. 


NIST open discussion issues in light of SP 800-63 rev.4.

  • No labels