Attendees:
JJ Harkema (Experian)
Scott Shorter (IAWG Vice-Chair)
Matt King (SAFE-BioPharma)
David Simonetti (SAFE- BioPharma)
Richard Wilsher (Zygma)
Matt Williams (Exostar)
Colin Wallis and Ruth Puente (KI)
Agenda:
1. Welcome and Roll Call
2. Internet2 Update
3. Kantara Identity Assurance Working Group Update
4. SAFE-Biopharma Update
5. NIST and FICAM Updates
6. Open Mic
Incommon/Internet 2 Report
Barton Internet2 MAGIC 2018.pdf
IAWG Report
SAFE Bio-Pharma Update
- No further news from NIST.
- They also noted that the "authoritative sources" requirement is a challenge.
- They have seen interest from companies to be certified against 800-63-3. There seem to be a requirement from the Insurance, Banking and Healthcare industries on 63-3 compliance.
- Regarding AL2 minus, there have seen interest on something in between AL1 and AL2.
NIST SP 800-63-3
- Scott Shorter provided the link to NIST FAQ: https://pages.nist.gov/800-63-FAQ/
- Exostar commented that as they do not have a regulatory requirement or use case they still do not have a specific strategy towards 63-3.
Various
- Colin Wallis proposed to have updates from CSPs on the TFS Sync. Matt King added that would be interested to hear their market perspective. Matt Williams said that he would like to share an update from Exostar but also hear from those CSPs that are certified by Kantara, in particular those who has been certified on 800-63-3; and from those who make B to G or C to G and what success they are having with Federal Agencies.
- Experian said that they would be happy to share updates and lesson learned.