Attendees:
Voter Name | 21 June 2012 Attendance |
Bill Braithwaite | x |
Myisha Frazier-McElveen | x |
Rich Furr | |
Linda Goettler | x |
Sarbari Gupta |
|
Scott Shorter | x |
Colin Soutar | x |
Richard Wilsher | x |
Non-voting:
Ken Dagg
Andrew Hughes
Nathan
David
Apologies:
Staff: Joni Brennan, Pat Roder
1. ADMINISTRATIVE:
a) Roll Call – Quorum was achieved since there were 6 voting members out of 8 on the call.
b) Motion for Minutes: moved to approve the Meeting Minutes from 6/7/12 and it was seconded.
c) Agenda confirmation: Agenda confirmed.
2. KAR
On the 6/7/12 call, there was an Action Item taken for the assessors with AICPA certification to produce evidence to confirm that they are able to provide non-AICPA compliant reports. Based on the evidence produced (if any), assessors can determine the best path forward.
- Bill made a motion to adopt Kantara IAF-3310 KAR v0-3 as the base document for the editing perspective with a formal call for comments and an editor assigned. Sarbari seconded the motion and no one opposed it. (ACTION ITEM)
- Mark volunteered to be the editor.
3. IAWG ROADMAP
The group then discussed the Q3 and Q4 components displayed on the IAWG Roadmap for 2012 of the revisions to the IAF-SAC document.
Q3:
- The Q3 effort involves drafting the pseudonymous approach of decoupling credentials from identities.
- On the 6/7/12 call, it was agreed that a position statement, use cases, and gap analysis be developed for this approach.
- IAWG members were asked to express their interest in participating in this effort. Ken, Colin and Andrew indicated their willingness to contribute to this task. (ACTION ITEM)
- This effort may be conducted as a sub-team which provides updates to the IAWG on their weekly calls.
Q4:
- The Q4 effort involves profile development which is nation/sector specific.
- This effort may be premature for the Government of Canada. It is still being determined whether a profile specific to health care is necessary.
- The Q4 effort also involves the initial draft development of Relying Party Guidelines.
- The questions of whether Q4 is the appropriate timeframe for this work and whether the IAWG is the appropriate body to conduct this work were put to the group.
- The group agreed that the guidelines are needed since there are currently none available but that there are many facets of this work which will fall into many working groups and that it would not belong solely to the IAWG.
- It was decided to leave this component as a Q4 item at this time.
4. OUTREACH
- On the 6/7/12 call, Ken Dagg suggested oversight bodies that deal with financial institutions, such as bankers’ associations, be added to the list of end-user communities who may leverage Kantara’s Identity Assurance Program.
- Joni questioned what kind of financial institutions should be included and Ken stated that he meant banks as well as the insurance industry and investment firms.
- Any institution that deals with online access presents an opportunity for a business case to be made for using external certifying providers.
- When outreach is made from peer to peer, material (use case or business case) should be in hand to present.
- This material could be specific to the institution type (financial, insurance, etc.) and could be geared toward recruitment to Kantara or towards the adoption of Kantara’s programs.
- It was agreed that an item should be added to the IAWG’s workstream to develop a paper that describes what Kantara has to offer and how it can provide an organization with a high value service. (ACTION ITEM)
5. EVENTS
Due to time constraints, the discussion of this item was deferred until the next conference call on June 28, 2012. (ACTION ITEM)
6. AOB
Due to time constraints, the discussion of this item was deferred until the next conference call on June 28, 2012. (ACTION ITEM)
7. ACTION ITEMS
Due to time constraints, the discussion of this item was deferred until the next conference call on June 28, 2012. (ACTION ITEM)
6/14/12 Action Items
Action Item | Assigned To | Status | Description | Comments |
20120614-01 | IAWG | Open | Provide comments on Kantara IAF-3310 KAR v0-3 to Mark Lundin |
|
20120614-02 | Ken, Colin, Andrew | Open | Begin working as a sub-group to develop a position statement, use cases, and gap analysis for the pseudonymous approach |
|
20120614-03 | IAWG | Open | Add an item to the IAWG’s workstream to develop an Outreach paper that describes what Kantara has to offer and how it can provide an organization with a high value service. |
|
20120614-04 | IAWG | Open | Discuss IAWG Events on the 6/21/12 call. |
|
20120614-05 | IAWG | Open | Discuss AOB on the 6/21/12 call. |
|
20120614-06 | IAWG | Open | Review Action Items on the 6/21/12 call. |
|
6/7/12 Action Items
Action Item | Assigned To | Status | Description | Comments |
20120607-01 | Myisha, Nathan, Scott, and Joe | Closed | Based on evidence produced (if any), assessors to determine best path forward (see June 7, 2012 notes) | This item was closed on 6/14/12. |
20120607-02 | Joni | Open | Move the alignment to NIST 800-63-1 to Q3 on the Roadmap. |
|
20120607-03 | Joni | Closed | Create a position statement which outlines how the pseudonymous approach benefits Kantara. | Sub-team formed on 6/14/12. See item 20120614-02. |
20120607-04 | IAWG – Champion Needed | Closed | Perform a gap analysis for the pseudonymous approach which spells out the work that needs to be done. | Sub-team formed on 6/14/12. See item 20120614-02. |
20120606-05 | IAWG – Champion Needed | Closed | Develop use cases for the pseudonymous approach. | Sub-team formed on 6/14/12. See item 20120614-02. |
20120607-06 | IAWG | Closed | Review Roadmap’s Q4 deliverables on next call. | This item was closed on 6/14/12. |
20120607-07 | Chair | Ongoing | Review Roadmap progress at the beginning and end of each quarter. |
|
20120607-08 | IAWG | Ongoing | Compile a list of end-user communities who may leverage Kantara’s Identity Assurance Program. |
|
20120607-09 | Chair | Closed | Move discussion of AOB items to June 14 agenda | This item was closed on 6/14/12. See item 20120614-05. |
Adjourn
The meeting ended at 8:00 am PDT.