2022-01-13 Minutes

Attendees:

Voting Participants: Ken Dagg, Martin Smith, Mark Hapner, Jimmy Jung, Richard Wilsher 

Non-voting participants: Andrew Hughes, Colin Wallis, Chris Lee, Nathan Faut, Lal Varun

Staff: Lynzie Adams

Proposed Agenda

  • Administration:
    • Roll call, determination of quorum
    • Agenda confirmation
    • Minutes approval - 2022-01-06 DRAFT Minutes
    • Staff reports and updates
    • International liaisons updates
    • LC reports and updates
    • Call for Tweet-worthy items to feed (@KantaraNews)
  •  Discussion: 
    • Complete Workload Planning
    • 800-63 Rev. 4 brainstorm/compile list of suggestions
  • Any Other Business and Next Meeting Date
    • Next meeting - January 27th  

Meeting Notes 

Administrative Items:

IAWG Chair Ken Dagg called the meeting to order at 1:05PM (US Eastern).  Roll was called. Meeting was quorate. Distributed agenda was confirmed. 

Minutes approval:  Martin Smith motioned to approve the draft minutes from the January 6 IAWG meeting. Mark Hapner seconded the motion. The minutes, as distributed, were approved unanimously.

Staff Reports and Updates:

Kay is on vacation this week. No additional updates since last week.

International Liaisons Updates:

Colin provided an update on his current work at Digital Identity, New Zealand. There is a reciprocal membership between DINZ and KI, with Colin holding a KI membership and Kay holding a DINZ membership. Ken asked if documents would be coming out of NZ for comment in the future. Colin believes yes and suggests, for planning purposes, looking into an IAWG submission for the second draft, possibly in the late March time frame.

LC Reports and Updates:

LC will be holding a vote regarding public comment and IPR review for the latest set of revisions to the SAC. 

Discussion:

Workload Planning 2022

The current workload was reviewed.

The current CARIN project was explained by Lynzie and Colin, who first started the project for Kantara. The project is creating a healthcare policy. The work group is willing to consider reviewing the CARIN policy document when available in the second half of the year.

Andrew suggested a report or blog covering the international work that IAWG engages in as another item. Ken has started to put things together along this line and hopes to have a product by the end of the second quarter. Ideally this deliverable could be used by KI marketing to increase visibility. 

Richard has some last-minute (clerical) updates to the SAC revisions. He'll update accordingly and submit to Ken for the LC vote.

Jimmy raised an issue with the criteria around supervised remote: it's not happening currently, at least not in the way NIST imagined. One particular criterion, 63a#0570, physical tamper protection, raises concern. The KI criterion describes it as a remote proofing terminal, but it's not always a terminal; at times it may be a personal laptop. There was discussion among a number of members in the group. Richard Wilsher suggests that waiting for Rev. 4 and hopefully influencing NIST's view on this criterion might be more worthwhile than investing too much time in the current criteria. This will be placed on our list of Rev. 4 comments.

NIST Rev. 4 Suggestions

Possible areas to comment on Rev. 4:

  • 5.3.3.2 - Requirements for Supervised Remote In-Person Proofing - The CSP SHALL employ physical tamper detection and resistance features appropriate for the environment in which it is located. For example, a kiosk located in a restricted area or one where it is monitored by a trusted individual requires less tamper detection than one that is located in a semi-public area such as a shopping mall concourse. - Send guidance on what we consider appropriate for an environment. 
  • Comparable Alternative Controls – how will they be addressed?
  • Federation Agreements

Less content / more clerical:

  • Document structure.
  • Consistency in use of terms.
  • Inclusiveness suggestions (increasing)

Other Business:

The next IAWG meeting will be Thursday, January 27 at 1pm EST. We will continue discussions around 800-63 rev. 4 suggestions.