2021-11-24 Meeting notes

APPROVED

Date

Attendees

See the Participant roster

Voting

Participant | Attending
Brudnicki, David |
Davis, Peter | Regrets
Hodges, Gail | Y
Hughes, Andrew | Y
Jones, Thomas | Y
Williams, Christopher | Y
Wunderlich, John | Y


Non-Voting

Participant | Attending
Aronson, Marc | Y
Gropper, Adrian |
Jordaan, Loffie | Y
LeVasseur, Lisa |
Whysel, Noreen |

Goals

  • Check-in on work progress
  • Review elections for next week

Discussion items

Time | Item | Who | Notes

Call to Order

If quorum:

  • Meeting is quorate
  • Moved approval of 2021-11-10 and 2021-11-17
    • No objections
10 minutes | Actions or issues from prior meetings
  • See tasks on Meeting Page
  • John - added Front Matter to drop box
  • Andrew - started a Terms and definitions page
  • All to suggest additional sources of terms and definitions to look at
40 minutes | Report content discussion & review | All
  • reviewed the terms and definitions pages
  • reviewed the front matter draft in Dropbox
  • reviewed the PEMC templates
  • Next step: brainstorm/come up with a TOC for the Implementer's Guidance document
    • Audience: Architects/designers, developers, organization policy setters, standards organizations
  • Scope of this WG concerns:
    • 18013-5 is transactional and implied consent - it is insufficient and that's why this WG exists
    • This provides no assurances to the individual that the entities/actors operating or providing the systems and the operating organizations should or can be trusted to provide privacy protective/respecting services.
    • The individual should be able to reasonably assume (especially if the organization is certified as conforming to the specifications) that the organizations are 'doing what they should be doing'.
    • Specify a set of principles for mobile credentials and associated data
    • Define expectations on the organizations and suppliers regarding their mobile credential-related products, mobile credential-related services and use of those products and services
  • Need to be cautious to avoid trying to cover all of data protection and information management
    • Organizations are expected to operate their own privacy program - this WG will give them material to address mobile credentials - this WG will not define their privacy program generally
  • Should document the foundation principles up front and put them in the Implementer's guidance so that readers of any of the documents start from the same understanding
  • QQ: Is credentials/presentation aggregation in scope?
5 minutes | Next meeting | Gail can talk about OIDF eKYC-IDA work and GAIN initiative

Adjourn

Moved: Loffie

Seconded: Gail

Meeting Adjourned.

Next meeting

 

Action items

  • Andrew Hughes to add ISO 29100 terms and ISO 27000 terms ISO 24760
  • John Wunderlich to update the user story template to match Tom's contribution