2018: December

Hello everyone

This is the running update from the Executive Director. Have questions or comments? Suggest some added information or edits? Contact ED colin at kantarainitiative dot org.


What a year it's been. Happy Holidays and best wishes for a fruitful and fulfilling 2019 to everyone!

It's New Year's eve as I write 2018's last Director's Corner on a cloudy, mild winter's day. I hope your weather - be it searing heat in Australia or freezing cold in our most northern climes - has not deterred you from having some well deserved rest, recreation and catch-up time with family and friends.   

10 days ago in London, that was exactly the case, as the Gluu World Tour rolled into town and I met up with them and the Open Consent Group members for an extended Christmas lunch. With Kantara's 2018 Events Map with its near-on 20 events fresh in our minds, it was great to reflect on the year. I had just returned from Brussels where Kantara Programs Manager Ruth and I had been forward planning Kantara Initiative Europe's 2019 European Union H2020 grant funded NGI_Trust project with other consortia members GEANT, Fraunhofer, Tecnalia, EFIS and EDN. When the call opens in February to European-based entities, you'll see our KIPI R&D submission process re-purposed for use in Europe that, together with our deep relationship with communities doing ground-breaking work in the digital identity, access and privacy-preserving domains, is the reason Kantara was invited to join this consortium in an already highly successful call.       

Reflecting on 2018, from Kantara's perspective, it has been a very good year overall. Kantara has significantly consolidated its finances over its 2017 situation and its net membership has grown despite some churn.

The KIPI R&D program has seen two projects advance to final stages - Lockstep's MDAV certificate capsules project re-branded as ValidIDy, already in final Phase (Transition to commercialisation) and Exponent's MOB4PACS project using smartphones as PIV cards with NFC and BLE awaiting final clearance to begin its final phase. Both of these are stunningly concepted projects capable of significant commercial exploitation for the right investment partner and I will be happy to introduce interested parties.

Kantara's other major program, the Trust Framework and Assurance program, had a busy and progressive year. The Service Assessment Criteria for NIST's SP 800-63-3 Digital Identity Guidelines were developed and deployed by the program’s Working Group steward (the IAWG) for Kantara's accredited assessors to review the compliance of identity and credential providers' services seeking Kantara's grant of Trust Mark upon systemic review and, where favourable, approval. To this day, Kantara remains the only entity offering 3rd party conformity assessment and approval for this de jure internationally recognized standard, whose promulgation through the GSA FICAM program, of which Kantara is an authorized Trust Framework Provider, has been significantly impacted by federal funding cuts. Nonetheless, the FICAM Trust Framework Provider community comprising InCommon, Kantara and SAFE-Biopharma have continued to operate the program for the benefit of the federal and state government without the support of the GSA. My sincere thanks, and well deserved community credit, goes out to the IAWG participants (led by Ken Dagg and Scott Shorter) and the Assurance Review Board chaired by Leif Johansson (SUNNET) and comprising Ken Dagg (IAWG liaison), Tom Barton (InCommon), Jamie Bryce Clark (OASIS), Richard Trevorah (tScheme), Nathan Faut and David Temoshok, upon whose weekly attendance and many hours of pre-meeting preparation the program depends, supported by Program Manager Ruth Puente and editor Richard Wilsher.     

Mid-year, Kantara absorbed the assets of the IDESG largely comprising the IDEF, the self attesting Registry, the wiki, the website, the committee artifacts and a small group of members and non member participants following the completion of the grant funding from NIST. While the transition into the newly established Kantara Initiative Educational Foundation occurred almost seamlessly thanks in particular to the efforts of Kay Chopard Cohen, Martin Smith, Tom Jones and Kantara's Oliver Maerz, activity and forward progress has been lower than anticipated. IDESG's Healthcare Committee was the standout exception as it reformed inside Kantara's Health Identity Assurance working group under Dr Tom Sullivan's exemplary leadership, contributing matters of significant concern and importance to the community in the last quarter of the year.    

While on the subject of Kantara's working groups, the bulk of the activity gravitated around the Consent & Information Sharing and UMA groups. On reflection, perhaps this was not surprising given GDPR enforcement from May 25th, where both Consent Receipt v1.1 and UMA are specifications that play directly to the mitigation of GDPR's and ePrivacy's compliance and privacy requirements while equally asserting the individual's sovereignty over their personal data and attributes. The development and demonstration of the interoperability potential of Kantara's Consent Receipt, and the proposed Licencing Model for UMA have piqued the interest of audiences around the globe. A special thanks the Group Leadership Jim Pasquale, John Wunderlich, Andrew Hughes, Eve Maler, Maciej Machulak respectively, along with the dedicated group of corporate members Consentua, digi.me, iWelcome, Open Consent Group, Trunomi, Ubisecure, and individual contributor volunteers Tim Reiniger, Catherine Shultern, Andi Hindle, Adrian Gropper, David Turner, Nancy Lush, Thomas, Cidgem, Domenico and the many others who supported by attending calls and contributing work. 2019 planning in these groups is well underway, whereby groups that became less active over 2018 as their work completed will be wound up and several new groups will be formed. Already formed a month ago is the ID Proofing and Verification Discussion Group which has enjoyed high call attendance and contributed use cases. This Group will collect Identity Proofing and Verification Use Cases from industry that will be contributed to ISO SC27 Working Group 5 Identity Management and Privacy in February. 

So there you have it. 2018 has seen Kantara improve its financial health, refine its membership and operating procedures, grow its membership, consolidate its work groups around focussed active interest areas, acquire other consortia assets and further develop both its programs.     

I think we can be proud of what we have achieved through the support and dedication of member and non member participants as well as active Board organizations digi.me, Experian, ForgeRock (Kantara President Allan Foster), ISOC (Kantara Secretary, Treasurer Robin Wilton), SecureKey, Leadership Council Representatives (Chair Andrew Hughes whose dedication is seemingly without bounds and Ken Dagg), my near 24x7 staff (Ruth and Oliver), Virtual Inc management staff (Megan, Bella, Joan, Joe, Rob, Tim and Tom, Bob, Madison, Mikaela and others), and without whom we could not have made 2018 the really solid progressive year for Kantara that it has been.

What's most important is how you think Kantara has done and what it could do better. Please spend a few minutes answering these 10 multi-choice questions in our annual member survey. https://www.surveymonkey.com/r/KI_community_feedback

2019 marks Kantara's 10th anniversary and you will see recognition of it throughout the year. 10 years is some considerable feat in the highly volatile world of industry consortia!

As I look at the 12 months ahead, with the less-than-full knowledge I possess now, I see growth everywhere in every aspect of Kantara's activity - R&D and Assurance programs, Working Groups, consortia consolidation, asset acquisition, membership and sponsorship. I want it to be a landmark year for Kantara - not just because of its 10 years - but because I want to see all your enthusiasm, suggestions, introductions, and volunteer contributions come to fruition and receive the accolades they richly deserve.

Next week I will be in Washington DC supporting our KIPI Program partners at the DHS S&T Cybersecurity and Innovation Showcase. I've planned to meet with as many of you as I know will be available. If you are in DC next week please just Contact us to reserve a meeting time.  And while on the topic of next week please, please.. remember the Identiverse deadline is closing fast, so make sure to submit your presentation idea before the January 11 deadline.   

It is with great pleasure that we welcome new individual member Ivan Niccolai from Australia, joining fellow Australians, the Digital Transformation Agency, Lockstep Technologies, Meeco, Unify and others. 

This is my very last opportunity this year to salute your support in 2018, and may 2019 bring us all the promise of success we wish for.

Kind Regards,


Around the Houses:


Program, Work Group and Discussion Group Updates:

  • You can always keep up with the latest news from the Work and Discussion Groups directly on the Leadership Council's Blog. See the list of public groups here.

  • As always, our Specifications, Recommendations and Reports are available for download from our Reports and Recommendations web repository - now with frictionless access.  

Events: See them all here!