Attendees
Invited Guests: Jim Fenton, David Temoshok, Scott Shorter
Non-voting participants: Andrew Hughes, Roger Quint, Ahmed Naeem
Voting participants: JJ Harkema, Ken Dagg, Martin Smith, Mark Hapner, Richard Wilsher
Staff: Colin and Ruth
Quorum: 4 of 7. There was quorum
Agenda
- Administration:
- Roll Call
- Discussion: NIST Response to Kantara Implementation Guidance Reports on 800-63-3
Discussion on NIST Response (Key discussion items)
- DT said that NIST appreciates the Kantara work presenting a Trust Framework based on NIST 800-63-3 (A and B criteria), a valuable service for the industry and for the Agencies.
- RW added that IAWG expectation is a more definite response to guide us in implementing the criteria that we raised our questions about. He would like to know how Kantara will apply the responses we received, live with the uncertainties or apply our own interpretation?
- DT clarified that NIST can respond to inquiries from industry or gov agencies, but they cannot add text nor change normative requirements. However, they can clarify terms and text. In addition, NIST is working on implementation resources, FAQ, informative text/material that is not included in the normative text and could help on the implementation, which will be published in the coming year.
- RW remarked that the Kantara Reports addresses issues on implementing or applying the criteria, for instance cases when it's impossible to meet the criteria. In relation to requirements for validating evidence, observation to NIST response.