2019-05-30 Minutes
Attendees
Voting participants: Mark Hapner; Richard Wilsher; Martin Smith; Rich Furr
Non-voting participants: Roger Quint
Staff: Colin Wallis, Ruth Puente
Quorum: 4 of 7. There was quorum.
Agenda
- Administration:
- Roll Call
- AgendaConfirmation
- Minutes Approval 2019-05-23 DRAFT Minutes
- Action Item Review: action item list
- Staff reports and updates - Director´s Corner and Keeping up with Kantara May 2019
- LC reports and updates
- Call forTweet-worthy items to feed (@KantaraNews or #kantara10)
- Discussion
DIACC Request for Review & Comment: Verified Login Component & Verified Login Conformance Profile
b. NIST 800-63-3 Implementation Guidance Reports
3. Any Other Business
Minutes Approval
2019-05-23 DRAFT Minutes were approved by Motion. Moved: Mark Hapner. Unanimous Approval.
Updates (by Colin Wallis)
- Director´s Corner - April 2019
- CARIN Alliance want to push a hit in the Identity Federation particularly in the space of US Healthcare, TEFCA. They are interested in Kantara's work on 800-63-3. They are focused on creating their own Code of conduct self attestation, in this sense they have been reviewing the IDESG Registry.
- Interest on Electronic prescriptions for controlled substances EPCS and the potential for Kantara to be involved on it (Health Assurance).
- These are two separate approaches to Kantara to be involved in the Mobile Driver Licenses landscape.
- Newsletter: May
- LC update: Nothing has changed in relation to UMA development since last call, very similar case with Consent Receipt. Consent Receipt going into ISO 29184, they are keen on creating a consent receipt on record standard separately; Kantara is required to help them with a base draft frame.
DIACC Request for Review & Comment: Verified Login Component & Verified Login Conformance Profile
- Colin mentioned that in a general sense, it does not feel grounded enough.
- Verified Login Component Overview: There was discussion on the privacy criteria for anonymous identity.
- The question that arose about giving data to somebody was “should they give you control over that, is it still private data even-though they do not know who you are? Is there some Assessment criteria if such a thing exists?
NIST 800-63-3 Implementation Guidance Reports
Richard Wilsher walked the IAWG through the following reports, with recommendations for NIST on 800-63-3:
- Guidance on Permitting “Commodity” Hardware for Unsupervised Remote Identity Proofing (Ed. Scott Shorter)
- Guidance on Selection of Authoritative Sources (Ed. Scott Shorter)
- Consistency of terms describing proofing types (Ed. Richard Wilsher)
- Scope and Application of ‘Trusted Referees’ (Ed. Richard Wilsher)
- Impasse on KBV approval for IAL2 (Ed. Roger Quint)
IAWG approved Guidance on Permitting “Commodity” Hardware for Unsupervised Remote Identity Proofing Report and Guidance on Selection of Authoritative Sources Report. It was agreed that the other reports would be approved by eBallot.
Action items
1. Richard to write a cover letter for NIST and adjust the reports as required.
2. Ruth to emit an eBallot to approve the cover letter and the set of reports for NIST.