Date and Time

Date: 7. July 2014

Time: 11:00 PDT | 14:00 EDT | 20:00 CET | 08:00 NZ(+1)

Roll Call

  • Colin Wallis, NZ govmt
  • John Spicer, 2Keys
  • Rainer Hörbe (note taker)
  • Matthew Trigg, UK cabinet office
  • Guy Huntington, Province Alberta

1. Administration

5 participants - quorate

June minutes - Colin moved, John seconded

2. Discussion: separate LoAs for identity proofing and credentials?

Guy: Govmts of Alberta and B.C. have separated credential from identity assurance. Federal Canada may go the same path. FICAM has identity assurance broken out. Europe and UK have both in the same LoA value. So it appears that US and Europe are marching different trust framework paths, as possibly is Canada. NZ hard coded identity assurance into the values. So it will be interesting to see how these frameworks evolve on the policy and protocol levels.

Rainer: what are the requirements for relying parties to separate cred. and id assurance?

Guy: LoA of identities and credentials are not aligned. Alberta is also considering using multiple credentials of different strength, e.g. from 3rd parties.

John: When identities are shared between governments, they might want to know the different types of LoA.

Matt: For the UK it is all about service consuming knowledge and confidence about the user for transactions. High level of id assurance does not provide more trust. On the other side, if id assurance is low, there is no need to pay for a high assurance credential, thus would not be proportionate.

Guy: A use case that we have to deal with is a low id and high cred assurance, which is a lower session assurance.

Matt: .. the level of proofing is the more expensive part.

Guy: Multiple credential use case, some strong, some low – user may choose – session level is lowest of the two.

Colin: History in US is based on NIST 800-63: It was designed for enterprise-type authentication, now it is used as baseline for G2C space.

Matt: In the UK we are struggling with finding a use case where you need a strong credential but low proofing.

Rainer: With some use cases where the service does not link to pre-existing PII, there might be a benefit to have a stronger credential, but it is up to the user to decide. There might be no need to enforce it by the service.

John: Proofing is improved over the course of the next couple of years, that is why the values should be separated.

Rainer: For the long term it might make sense to put the additional into some attributes, and use the AuthenticationContext for the combined value.

..

Colin: There was a discussion in 29115. ISO SC27 is currently creating identity proofing guidelines.

AI: Colin to extract salient pieces from the ISO document and share it in the WG.

Matt, John emphasize the need to agree on terminology.

Rainer: We had a discussion on the scope of LoA a couple of years ago. There is a slide in:

http://kantarainitiative.org/confluence/display/TFMMWG/Enhanced+LoA

John: made a mapping about use in different countries. Will ask to make this available to the group. Canada has to come up with names and values and associated use case.

Rainer: 29115 defines the scope of LoA .. includes both IPV and authentication. I think that min(IPV, credential) is a common semantic for SAML authentication context. But this needs to be discussed. Anyway the scope in 29115 is clearly described: includes IPV and authN, but not anything after the authentication event, like session protection, e.g. holder of key-type models.

Colin: Formally, the scope of SAML authnContext is defined out of band.

(..) we should work on this in the group and propose a solution in eGov profile or saml2int; could then propose this to this OASIS SSTC.

Matt: will try to contribute something about session assurance (may be a bit embryonic).



Next Meeting  

Date and Time

Date: 4. August 2014

Time: 11:00 PDT | 14:00 EDT | 20:00 CET | 06:00 NZ(+1)

------------------------------------------------------- 

To join the teleconference 
------------------------------------------------------- 
DIAL IN INFORMATION: 

Skype:  +99 051 000 000 481 
Conference Id: 613-2898 
US Dial-In: +1-805-309-2350  

http://kantarainitiative.org/confluence/display/GI/Telco+Bridge+Info 
