2018-09-06 Meeting Notes

Attendees:

Voting participants: Ken Dagg; Scott Shorter;  Mark Hapner; Richard Wilsher 

Non-voting participant: Martin Smith

Staff: Ruth Puente

Quorum: 5 of 8. There was NOT quorum. 

Agenda

1. Administration:
1. Roll Call
2. Agenda Confirmation
3. Action Item Review: action item list
4. Minutes Approval: 2018-07-26 DRAFT IAWG Minutes
5. Organization Updates - Keeping up with Kantara: August 2018
6. Staff reports and updates - Director´s Corner
7. LC reports and updates
8. Call for Tweet-worthy items to feed (@KantaraNews or #kantara)
2. Discussion

 a. Revised Overview Document - IAF 1000 (See v0.1 attached)

b. Draft criteria amendments (rev. IAF 1410, 1430, 1440 attached) to accommodate NIST 800-63-3 Implementation Guidance memos

c. E-Commerce Security: New Practice Guide Available. The NCCoE released a draft of the NIST SP 1800-17 Multifactor Authentication for E-Commerce and is requesting feedback. Public comment period closes on October 22nd.

e. IAWG Meeting time. 

Updates

• Director´s Corner 2018: August
  
• Keeping up with Kantara: August 2018
• LC Update: IDEF WG Charter is under approval.

Overview Document - IAF 1000 

• Ken presented the revised version of IAF 1000- Overview: IAWG IAF 1000 Overview Draft v0.1.docx
• Action items:

-Ken to use the template of KI Recommendation and change the version number. Last version was v2.2.0, so this one should be 2.3. 
-Scott to work with Ken on the next release of the Overview draft.
-Use the Notice and IPR text of 1410 which is the last recommendation approved and has these sections updated. 

Draft criteria amendments to accommodate NIST 800-63-3 Implementation Guidance memos. 

• Scott and Richard presented SAC updates to accommodate NIST 800-63-3 Implementation Guidance memos: 

Kantara IAF-1410 Commonly-Applicable Service Assessment Criteria v1.1.docx

KIAF-1430 SP 800-63A Service Assessment Criteria v2.1.xlsx

KIAF-1440 SP 800-63B Service Assessment Criteria v2.1.xlsx

• Action items: Scott to propose new wording and find better text for revised IAF 1410 v.1.1, 1430 v2.1 and 1440 v.2.1. 

E-Commerce Security: New Practice Guide Available. 

• Ken commented that the NCCoE released a draft of the NIST SP 1800-17 Multifactor Authentication for E-Commerce and is requesting feedback.  So if the IAWG participants would like to send comments, they should consider that the Public comment period closes on October 22nd.

Meeting time.

• There was a proposal to change the Meeting time to 1pm ET, starting on September 20th. Ruth will send an e-vote to the voting participants to approve the meeting time change.

Others

• Next meeting will be on September 13th at 3:00pm ET. 
• IAWG agreed to include in the next meeting discussion the ALn_CM_CSM#040 applicability issue based on Richard Wilsher 6/9 email Kantara Initiative Mail - [WG-IDAssurance] Service availability criterion applicability flaw.pdf