/
IAWG Bi-Weekly Meeting Minutes - 2010-05-12

IAWG Bi-Weekly Meeting Minutes - 2010-05-12

May 26, 2010

Kantara Initiative Identity Assurance WG Teleconference

1 Date and Time | 2 Attendees | 3 Apologies | 4 Agenda | 5 Minutes | 6 Next Meeting

Working Draft

Unapproved minutes as taken by Brett McDowell, IAWG Secretary.

Date and Time

  • Date: Wednesday, May 12, 2010

  • Time: 8:00 PT/11:00 ET/15:00 UTC

Attendees

  • Shin Adachi, NTT

  • Marc Aronson, Pennsylvania Association of Notaries

  • John Bradley

  • Patrick Curry, Clarion Identity

  • Myisha Frazier-McElveen

  • Rich Furr, Safe Bio-Pharma

  • Helen Hill, HIMSS

  • Brett McDowell, PayPal

  • Richard Trevorah, tScheme

  • David Temoshok, GSA (non-voting)

  • Joni Brennan, Staff (non-voting)

  • Erika McCallister, NIST

  • Richard Wilsher

  • Colin Soutar, CSC

Apologies

  • Ken Dagg, Canadian Government

  • Pete Palmer, SureScripts

  • Frank Villavicencio, Identropy

Agenda

  1. Roll call - Brett McDowell

  2. Discuss Progression of ISO 29115 - Erika McCallister

  3. Request and Discuss feedback to FORG document - Rich Furr

  4. Progress "eCitizen Assurance Harmonization" initiative - Brett McDowell

  5. Any Other Business... Adjourn

Minutes

1. Roll call - Brett McDowell

Summary:

  • Whereas the IAWG has failed to reach quorum consistently in 2010; and whereas the Kantara Initiative Operating Procedures authorize any Work Group chair to remove members who have missed two consecutive meetings; and whereas today's meeting would not achieve a quorum unless action was taken to remove participants who had missed two consecutive meetings; The acting Chair, at the request of the Secretary, authorized removing the following members from voting membership per their attendance record for the sake of maintaining quorum as authorized by the Kantara Initiative Operating Procedures:

  • Lena Kannappan

  • Sal Kahn

  • Ben Wilson

  • AI: Brett to contact everyone who was removed.

  • AI: Brett to seek confirmation from the LC that taking such action at the beginning of a call, as opposed to the more common practice of taking action between calls, is aligned with the intent of the Operating Procedures.

2. Debrief the ISO SC27 WG5 meeting held April 22 in Melaka, Malaysia and associated progression of ISO 29115 - Erika McCallister

Summary:

  • Melaka meeting was on the 22nd of April, editing session was shortened due to strange logisitical consequences related to the volacano and travel blockage.

  • The WG5 members agreed to split 29115 into three parts as follows:

    • Applicable Information, Background, Overview

    • Human-electronic authentication (debate on whether to use "remote" or "electronic"

    • Machine-device authentication (not developed)

    • Potential 4th area for legal entity (corp.'s) authentication (not developed)

  • The document containing the first two sections was moved to Committee Draft 1 (CD1) status.

  • The 3rd and 4th sections have no content at this time and Erika, as editor of 29115, will issue a call for contributions for those two sections.

  • (Richard Wilsher joined the call at this point)

  • The ITU-T representative to WG5 was Tony Nadalin who replaced David Turner due to travel issues.

  • There was no ISO Plenary session due to travel issues.

  • The next ISO meeting is the week of October 4th in Berlin.

  • What can we IAWG do?  Work on responses to the Liaison Statement (which we should receive soon)...

    • LC has no NDA process to support collaboration with NDA-bound organizations like ISO

  • AI: Frank to poll the membership to see who is in a position to work on ISO confidential documents, i.e. who is already a member of both ISO and IAWG.

  • IAWG will get it's liaison statement probably mid-June along with the updated 29115.

  • Key Point: The re-structuring of 29115 may have an impact on the structure of IAF.

    • 29115 has a section now that looks a lot like the SAC's high-level of IAF.

    • Richard W. suggests that perhaps IAF will need to revised.

    • Brett suggested it was too early to tell if that's true but it's a key point we should consider once we see the response to Erika's call for contributions.

  • Ad Hoc discussion about how KI IAF can be recognized by the US Federal PKI Policy Authority (FPKIPA)

    • The motivation for having IAF recognized by the US FPKIPA was to substantiate that IAF is sufficient for LOA=3 & 4 PKI. The ICAM TFP program only recognized IAF for LOA=1-3 non-PKI. This is not a reflection of deficiency on the IAF but a simply matter of scope for the ICAM program. That ICAM TFP program is only authorized to recognize trust framework providers for LOA=1-3 non PKI. LOA=3 & 4 PKI is the sole dominion of the FPKIPA.

    • a bridge would need to adopt the IAF and then be KI certified since FPKIPA – unlike the ICAM Open Identity for Open Government Initiative – only acknowledges bridges, not Trust Frameworks or Trust Framework Providers (TFP's)

    • Rich F. mentioned that SAFE BioPharma sees value for extending their FPKIPA into KI IAF for healthcare use cases like AL2. If they did this it would substantiate IAF in the US FPKIPA since SAFE BioPharma is already cross-certified with the Federal Bridge.

3. Request and Discuss feedback to FORG document - Rich Furr

Summary:

  • The most recent draft of the FORG is on the wiki and went to the list this morning. 

  • AI: Would everyone please work on this over the next two weeks, Rich will get those into a single document for our next call.

4. Progress "eCitizen Assurance Harmonization" initiative - Brett McDowell

  • This topic is just a placeholder to describe what was discussed in the last call, i.e. using IAWG as a forum for a government harmonization effort (US, Canada, New Zealand, UK, EU, etc.)

    • We need to start by inviting folks and giving them time to plan their participation.

    • AI: Rich Furr to reach out to John Stienen of the European Commission who was leading the IDABC effort;

    • Ken Dagg is our natural contact with the Canadian Government.

    • AI: Rich Furr to invite a representative from the Provoo Group.

    • AI: Frank to reach to Brazilian government program.

    • AI: David T. will look into who would be the right person from the US Federal Government to participate in these discussions.

    • AI: Joni to invite Neil Clowes of UK Government.

    • AI: Richard T. and Patrick C. will make invitations to other UK Government representatives they work closely with.

5. Any Other Business... Adjourn

Helen Hill gave a report on SEMHIE (SouthEast Michigan Health Information Exchange)... the first Health Information Exchange to publicly adopt the IAF

  • they won one of 15 contract awards from SSA... 12 month contract. 

  • They have national partners, including Kantara as IAF steward. 

  • They are working on more funding as well. 

  • They want to do testing on security and encryption. 

  • Partners from the Beacon Project are helping SEMHEI build out their program. 

Adjourned at 12:06pm EDT.  Rich F. moved and Richard W. seconded,

Next Meeting

  • Date: Wednesday, May 26, 2010

  • Time: 8:00 PT/11:00 ET/15:00 UTC (Time Chart)

  • Dial in: Skype: +9900827044630912 or US Dial-In: +1-201-793-9022 | Room Code: 4630912