2018-12-20 Meeting Notes

Owned by Former user (Deleted)
Last updated: Jan 23, 2019
3 min read

Attendees

Voting participants: Ken Dagg; Scott Shorter; Mark Hapner; Richard Wilsher 

Non-voting participants: Roger Quint, Nathan Faut and Martin Smith  

Staff: Ruth Puente and Colin Wallis 

Quorum: 4 of 7. There was quorum.


Agenda

  1. Administration:
  2. Roll Call
  3. Agenda Confirmation
  4. Action Item Review: action item list
  5. Staff reports and updates - Director´s Corner
  6. LC reports and updates
  7. Call for Tweet-worthy items to feed (@KantaraNews or #kantara)
  8. Discussion

a.  Questions about the revised IAF Overview (IAF 1000) v2.3.2 (attached):

1. What is the Relationship / Difference between Schemes and Classes of Approval? Which includes?, how does Scheme Owner differ from Trust Framework Provider?

2. Should the Glossary be rolled into the Overview?

3. Does the IAF cover more than just online solutions?


Quorum 

The Chair decided that due to the long absence of Denny Prvu in the meetings, he will no longer be a non-voting participant, so the quorum changed. The current quorum is 4 of 7. 


Updates

Colin sent the Newsletter to the mailing list and highlighted the following:

  • KIPI Program: Exponent completed Phase 2 and will soon work on Phase 3 .
  • Kantara Europe is involved in H2020 - NGI Trust Program and the Open call for projects will be in February. 
  • Interactive Map with the events that KI participated 
  • He encouraged the participants to fill out the Member Survey 
  • Next events: TIIME Workshop in Vienna – February 2019.  KNOW 2019 Conference in Las Vegas – March 2019 More: https://kantarainitiative.org/events/
  • New DG about Identity Proofing and Verification Use Cases: https://kantarainitiative.org/groups/idpvusecases/

Newsletter December 2018: Kantara Initiative Mail - [WG-IDAssurance] Fwd_ Keeping up with the Kantarians December 2018.pdf


Minutes Approval

2018-11-01 Meeting Notes were approved by motion. 


Discussion: Questions about the Overview document

Question: Does the IAF cover more than just online solutions?

  • CW said that including offline solutions would make the scope too wide. 

  • RW commented that it would be tough to adjust the criteria to offline solutions. 

  • SS added that IAF addresses Electronic credentials but you access to online solutions. 

  • KD said he will consider making the overview broader in scope and narrow as well.

Question: Should the Glossary be rolled into the Overview?

  • RW said that the options would be to add the glossary in History order within the Overview doc. or in Alphabetical order. He suggested to convert the word doc. in a Web page so the user can expand and collapse the text as it wishes.

Question: What is the Relationship / Difference between Schemes and Classes of Approval? Which includes?, how does Scheme Owner differ from Trust Framework Provider?

  • RW shared a link to definitions on ISO/IEC 17067: https://studylib.net/doc/5379675/introducing-iso-iec-17067-2013 
    -Definition of Certification scheme, in Kantara case would be services instead of products, so it would read: “certification system (3.1) related to specified [services], to which the same specified requirements, specific rules and procedures apply” 
  • RW suggested to adopt document alignment with ISO 17067 as we can see KI IAF in light of this generic description of a certification scheme. IAF is eligible of ISO accreditation. KI describes classes of approval in the context of IAF and certification scheme managed by KI, which in the future could operated by KI as a Certification Body. He added that if KI wants to offer a Privacy assurance framework, it would be a different certification scheme because it would need different requirements and procedures. 
  • RW clarified that when ISO 17065 talks about products it also talks about services and systems, there is guidance in Annex B, how you interpret this doc. when you are offering a service. 
  • Link to ISO 17065: https://www.atlanticcertifiedorganic.ca/isoiec17065_ed1.0_en.pdf
  • RW commented that ISO 17065 is normative but ISO 17067 is a guidance doc. 
  • KD said that he is concerned about the understanding of first time readers if we add this terminology. 
  • CW added that we have not used "certification" because we are not a Certification body in ISO, so it was decided to use "Approval" instead of "Certification" when referring to Kantara Trust Services. The direction is to become an Accredited Certification Body in the future.
  • RW suggested to add definition of certification in the Glossary: It could be defined as "a formal process of granting recognition". 
  • KD said that the next revised draft would be available middle or end of January. 


New Agenda Item by RW - 63A_SAC revision

  • RW commented that there are some issues/problems when applying a set of 63A criteria. For example: in person proofing requirements are not clear in the KI criteria.
  • Criteria that need revision: 63A_360 to 390. RW proposed revision to the text to give better context. 
  • IAWG needs to clarify the criteria and add specific context, otherwise people thinks they are broadly applicable.  
  • RW will forward to the group new text for consideration.