IAWG Meeting Minutes 2014-04-17
Kantara Initiative Identity Assurance WG Teleconference
IAWG Approved 2014-05-07
Date and Time
- Date: Thursday, 2014 04 17
- Time: 09:00 PDT | 12:00 EDT | 16:00 UTC (Time chart - US Daylight Saving Time )
- United States Toll +1 (805) 309-2350
Alternate Toll +1 (714) 551-9842
Skype: +99051000000481- Conference ID: 613-2898
- International Dial-In Numbers
Agenda
- Administration:
- Roll Call
- Agenda Confirmation
- Minutes approval: IAWG Meeting Minutes 2014-04-03, IAWG Meeting Minutes 2014-04-10
- Action Item Review
- Staff reports and updates
- LC reports and updates
- Call for Tweet-worthy items to feed (@KantaraNews or #kantara)
- Discussion
- FICAM TFS Monthly call (occurs April 17 just prior to IAWG)
- Kantara-FICAM mapping update
- AOB
- Adjourn
Attendees
Link to IAWG Roster
As of 2014 March 13, quorum is 5 of 9
Meeting achieved quorum
Voting
- Rich Furr ( C)
- Andrew Hughes (S)
- Bill Braithwaite
- Scott Shorter
- Matt Thompson
- Cathy Tilton
- Ken Myers
Non-Voting
- Ken Dagg
- Jeff Stollman
Staff
- Joni Brennan
Regrest
- Paul Calatayud (V-C)
Notes & Minutes
Administration
Minutes Approval
IAWG Meeting Minutes 2014-04-03
IAWG Meeting Minutes 2014-04-10
Motion to approve minutes of 2014-04-03 and 2014-04-10: Braithwaite
Seconded: Shorter
Discussion: None
Motion Carried
Action Item Review
See the Action Items Log wiki page
(action item log not updated since last call)
Staff Updates
- Director's Corner Link
- Event Radar 2013 and 2014 Link
- Marissa (Project Manager) will be assisting IAWG to support leadership progress and ongoing projects.
- Working closely with other FICAM TFP participants in engaging FICAM program.
LC Updates
- No call this period
Participant updates
- None offered
Discussion
FICAM TFS Monthly call
- Many IAWG regulars were on the FICAM TFS call
- 'Comparability' versus 'compliance' was a hot topic
- FICAM TFS says that TFP's TF rules must show Comparability to the FICAM Trust Criteria. Then the CSP must Conform to the TFP TF rules
- Comparability versus conformance matters more in some areas than others
- The Federal Agencies are asking for certified services that are not the FICAM approved services
- A challenge is that the reasons the Agencies are not accepting FICAM offerings are not fully understood or known
- Is there a view that FICAM Approved services do not deliver services that meet the Agency needs? (needs to be checked)
- FICAM Trust Framework Solutions needs to work with Industry to inform Agencies on the programs and how they meet the requirements
- Should look at how other governments (Canada, New Zealand) have addressed this, and help FICAM
- Kantara could work towards a Comparability Framework drawing on global experiences would be very helpful
- Need to define the process to determine comparability
- Could state the objective for comparability so that the Assessors would have guidance
- Comparability must start at the objective point - this must precede and support the Criteria
- many schemes state criteria without obvious objectives statements
- Look at Canada's work on objectives
- Look at UK GPG 43 - sets up the objectives for service delivery
- Canada did a guide on how RPs should approach risk assessment to determine what they need. Then the CSP offers the AL service and can express how it meets.
- Comment: 4 AL seems to work best when Comparability is not in play - only when there are strict criteria do all parties know what they are getting. When there's uncertainty on what's included, it is hard to stay within an AL and variability ensues.
- Shorter will send: Implementation Guidance for FIPS 140-2 which sets out the cases that have been examined.
Reference links to Canada work:
- Directive - http://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=16577§ion=text
- Standard - http://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=26776
- Guideline of Defining Authentication Requirements - http://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=26262
- Draft guideline on identy management http://kantarainitiative.org/pipermail/wg-egov/2013-October/001400.html
Update on FICAM SAC Mapping sub-group
- Round 1 is done - Rich to circulate to IAWG - please comment back and input
- Color coded the requirements
- Note that most ATOS requirements are Red - around the 'Attribute' issue
- Next: create a sub-group to take current SAC and build a 'global core' of requirements,
- then setup for Geographic Entity Profiles (e.g. FICAM, UK GPG, Canada, NZ)
- AI: Rich to call for participation for sub-group - Joni to forward call to Anil for wider engagement. Listeners OK. Contributors must sign GPA.
AOB
Carry-forward Items
Attachments
Next Meeting
- Date: Thursday, 2014 April 24
- Time: 09:00 PDT | 12:00 EDT | 16:00 UTC (Time chart - US Daylight Saving Time )
- United States Toll +1 (805) 309-2350
- Alternate Toll +1 (714) 551-9842
Skype: +99051000000481- Conference ID: 613-2898
- International Dial-In Numbers