2022-04-14 Minutes

Owned by Lynzie Adams
Last updated: Aug 02, 2022
3 min read

Attendees:

Voting Participants: Martin Smith, Mark Hapner, Richard Wilsher, Maria Vachino, Mark King, Jimmy Jung
Other IAWG Members: Angela Rey, Andrew Hughes 
Staff: Lynzie Adams, Kay Chopard

Proposed Agenda

  • Administration:
    • Roll call, determination of quorum
    • Agenda confirmation
    • Minutes approval - 2022-03-24 DRAFT Minutes
    • Staff reports and updates
    • International liaisons updates
    • LC reports and updates
    • Call for Tweet-worthy items to feed (@KantaraNews)
  •  Discussion: 
    • SAC final review 
    • DIACC Request 
    • 63-4 input plan
  • Any Other Business and Next Meeting Date

Meeting Notes 

Administrative Items:

IAWG Co-Chair Martin Smith called the meeting to order.  Roll was called. Meeting was quorate. Distributed agenda was confirmed. 

Minutes approval:  Mark Hapner motioned to approve the draft minutes from the March 24 IAWG meeting. Martin Smith seconded the motion. The minutes, with a minor update on Mark King's attendance, were approved unanimously.

Staff Reports and Updates:

Kay reminded the group that Kantara will be presenting at the EIC conference in Berlin next month. Additionally, she will be presenting at Identiverse in June. There will also be a small workshop prior to the start of the conference for Kantara to provide an overview and updates. 

Bi-weekly meeting with DCMS have started. The 17065 certification process is continuing. 

No report from LC. 

Discussion:

SAC Final Review 

Richard led the discussion. All SACs have been reviewed more than once in prior meetings. This is the final vote on each. Richard will abstain from all votes as editor. Voting members in this meeting include: Maria, Jimmy, Martin, Mark Hapner, and Mark King. Other participants were invited to provide input. 

CO_SAC: These are material changes and will be posted for 45-day review. Motion – Mark King, Second, Mark Hapner. Approved for submission.

63A_SAC: Mark King proposed that the changes are not material because we are not asking for anything new from applicants, solely clarifying language. Motion – for non-material update – Jimmy. Second, Mark Hapner. Approved for submission.

63B_SAC: Mark King proposed that the changes are not material as we are not asking for anything new from applicants, solely clarifying language. Jimmy concurred. Motion – for non-material update – Mark King moved. Jimmy seconded. Approved for submission.

63C_SAC: Non-material update to criteria. Motion – Mark King. Second – Jimmy. Approved for submission.

OP_SAC: discussion around OPA#0100 long-term secret update. What defines long-term? Maria suggested a definition of long-term listed in the guidance column. OPB#0340 discussion around wording of “not use single-factor PIN/password tokens.” Updated language to be less confusing. Group determined both updates are just clarification – not use single-factor is equivalent meaning to use multi-factor. The is a non-material update. Mark Hapner moved, Mark King seconded. Approved for submission.

DIACC Request 

Brief discussion on the Digital Wallet component on their framework. It’s due May 20. Will revisit at next meeting when Ken returns. Other Kantara workgroups might be interested – ANCR or PEMC. Can propose to them to see if interest is there. 

63-4 input plan

Brief discussion on 63-4 and the delay. Does this delay give us a window to give input? Not clear yet. Kay has proposed a meeting with NIST and Kantara board members. Unsure what will come from it.

Any Other Business

Classes of Approval/Service Descriptions

Jimmy explained that a couple CSPs want to apply for technical approvals for only 63a or 63b respectively. These are not options on the current website matrix. There is some conflicting beliefs on if a ‘full service’ can be a full IAL (or AAL) assessment. Rather, than a component.  The IAWG can revamp the service descriptors/ approval types, but how? Maria concurs the matrix is confusing and needs updated. This will be on the next agenda but wanted to put the issue out there for thought going into next meeting.

Jimmy highlighted that the CSP also doesn’t fit into the Partial Service (Technical) row as they are meeting all of the criteria, not just part of the criteria.  

Next Meeting:

Will touch base with Ken to confirm if he is available for next week, April 21 to continue the discussion on DIACC and Service Descriptors.
Additionally, Mark King would like to know what the Australians are up to.