Meeting Minutes - approved by IAWG 29 August 2013 |
Link to IAWG Roster
As of 1 July 2013, quorum is 5 of 9
Meeting was quorate with 5 voting members present |
IAWG Meeting Minutes 2013-08-8
Motion to approve minutes of 2013/8/8: Bill Braithwaite
Seconded: Scott Shorter
Discussion: None
Motion Passed
See running table below
(ref. Email to IAWG Chairs and WG)
Link to current IAWG Charter (July 2009)
Kantara Portland retreat in August 2013 created plans to sharpen focus for Kantara WGs. Review and update of existing WG charters was requested, due September 25 for review by LC.
The text of the request:
During the recent Kantara Leadership Retreat, we focused on the question of why Kantara exists (seehttp://kantarainitiative.org/pipermail/lc/2013-August/002348.html for a high level summary out of that retreat). The idea is that with a clear "why", we can make sure the actions we take truly support the goals of the Kantara Initiative. The current working DRAFT of Kantara's "why" statement is: DRAFT: Kantara exists to define rules of engagement for operators of online services, enabling high-value, privacy-preserving identity and access. In order to incorporate this concept in to the Innovation side of Kantara, the work groups, we are initiating a Work Group recharter effort. This will help make sure that the Work Groups are on track with solid deliverables and timelines that support the goal of the organization. Work Groups can expect to receive more organizational support in terms of marketing to increase group participation and the creation of industry-driving Kantara Recommendations. For Work Groups that do not recharter, their status will change to that of a Discussion Group, which is considered a much more informal effort. (Please see the Kantara Operating Procedures for a more detailed definition of Work Group and Discussion Group: http://kantarainitiative.org/confluence/x/owVAAg .) The link to your current charter can be found on your space in the Kantara wiki. The LC would like to have the updated charters in by September 25. The LC will discuss and review the charters over the month of October. |
Discussion
The text from prior meetings is copied here for reference. |
NOTE: All tickets now posted at Identity Assurance Framework - Working Drafts
#770408 discussed on 1 August and 8 August 2013 calls.
IAF-1400-SAC Line: 1636 - 1640, 2149 - 2198 Reason: This is permitting only three protocols making IAF protocol dependent. Currently, it is listing tunneled password, zero knowledge-base password; SAML assertions. Proposal: Delete |
Discussion of ticket
(8 August 2013) Discussion:
(IAWG Listserv email contribution - Wilsher)
Re. today's discussion on the criterion below, I propose the following text (there is no stipulation at AL1; AL3 would be the same, except for the existing qualifier "For non-PKI credentials, apply ...", and of course 'AL2' would be replaced with 'AL3'; AL4 is also no stipulation). Regards, RGW AL2_CM_CTR#025 Authentication protocols Apply only authentication protocols which, through a comparative risk assessment appropriate for AL2, are shown to have resistance to attack at least as strong as that provided by commonly-recognized protocols such as: a) tunneled password; b) zero knowledge-base password; c) SAML assertions. Guidance: Whilst many authentication protocols are well-established and may be mandated or strongly-recommended by specific jurisdictions or sectors (e.g. standards published by national SDOs or applicable to government-specific usage) this criterion gives flexibility to advanced and innovative authentication protocols for which adequate strength can be shown to be provided by the protocol applied with the specific service.
Disposition: Add to IAF enhancements list
IAF Glossary Update status (Dagg)
Modular IAF status (Hughes)
Item # | Description | Assigned to | Est. Completion | Status |
---|---|---|---|---|
2013-06-06-005 | IAWG-NIST F2F in DC area to discuss approach and feedback on 800-63 v IAF analysis approach (2013-Aug-1): Comment that perhaps ICAM should be invited as well. | Staff / IAWG Leads | TBD | Not started |
2013-06-13-001 | Chair to discuss with Exec. Director the need for a Content Management System analysis and potential tool for IAF/SAC & funding options
| Myisha | 20 June 2013 | In progress |
2013-06-13-002 | Glossary updates underway. Next draft should be available in 4 weeks (11July2013): Defer item to future meeting (1Aug2013): No comments on new additions received yet - reminder sent to sub-group. | Ken Dagg | Updated:12 Sept 2013 | In Progress |
2013-08-1-002 | Forward Ticket items that have been resolved to correct lists for next action. | Andrew Hughes | 8 August 2013 | Not Started |
2013-08-8-001 | Bring forward ticket #770408 for further discussion of new text | Chair | 15 August 2013 | Not Started |
Item # | Description | Assigned to | Est. Completion | Status |
---|---|---|---|---|