IAWG Meeting Notes 2011-02-23

These minutes were approved on 2 March 2011.

Attendees:

John Bradley
Patrick Curry
Rich Furr

Non-Voting:
Ken Dagg
Rainer Hoerbe
Mark Lizar
Ben Wilson
Lena Kannapann

Apologies:
Frank Villavicencio
Neil Clowes
Myisha Frazier-McElveen
Bill Braithwaite

Staff:
Joni Brennan
Anna Ticktin

Meeting Notes:

1. ADMINISTRATIVE:

Roll Call---Quorum not achieved.

  • Reminder of Motion of Minutes Approval: 9 Feb 2011
    With quorum not achieved, the previous minutes could not be approved and what follows will remain unofficial notes.

Berlin F2F check-in:
The following people have indicated their intent toward attendance:

  • Ken Dagg: 50-50 chance
  • Rainer Hoerbe: definite attendee and will stand up the Trust Framework Architecture Meta Model
  • Ben Wilson: will not attend in person, but would like to participate in the teleconference. The RP Guidelines documentation could be an agenda item at the F2F
  • Patrick Curry: definite attendee
  • Mark Lizar: probable attendee    
  • IAWG F2F agenda time will be held for the afternoon to facilitate North American attendance by telecon.
  • The IAWG feels that the TFW Architecture Meta Model should remain under the IAWG umbrella, but the group agrees that there are considerable overlaps and interdependencies.
  • Eventual funding may redirect the scope of this work.
  • Kantara staff is looking at several ways of how to social and move interdependent wgs/programs/projects forward.
  • ACTION ITEM 20110223-01 Anna — Move IAWG Value Proposition presentation to the IAWG Home page

2. RSA Report — Joni and Rainer

  • Trust Frame Work Architecture has been renamed Trust Framework Meta Model.
  • Patrick, Susan Morrow (UMA) and Rainer met at RSA to discus the TFW Meta Model interdependencies / document with the intent to align terminology, use case description and trust relationships.
  • The terminology and contents have been separated.
  • The second part of the Meta Model will be a test tool--- helping to map particular frameworks to the test tool and provide a gap analysis.
  • The broad community convened at RSA seemed to widely offer their support of this project .
  • Id Collaboration Day was a success as the community came together to identify and discuss  convergence.
  • Peter Watkins of BC Gov has prepared some collateral telling the story of how the trust framework model works around trusted credentials and will be sharing this with Kantara's BCTF DG soon.
  • Dazza Greenwood from eCitizen has launched  the url: NSTIC.US. It's a forum to aggregate comments to the public. Kantara feels all discussions are good, but we don't want to take a position as an advocacy organization. Our focus is on a strong working track. Our stakeholders are action-driven (ie development of white papers, educational documentation, etc.).

NSTIC:

  • Discussions highlighted the convergence on RPs guidelines.
  • Some key take-aways:  RFPs from government agencies would be useful as would Identifying more drivers for higher level of assurance.

GRC:

  • A suite of tools around governance and risk management in enterprise. Shortly, we will be looking at how GRC maps to the IAF.

Jeremy Grant and Andy Osmond touch base meeting with stakeholders:

  • The takeaway is that they are still looking to release the NSTIC implementation plan within the next 2-6 weeks.
  • Our concern with NSTIC is that we're looking for ways for NSTIC to support what's been done to date and impact with multi-national programs. We want to be clear not to create paths for divergence.
  • How will NSTIC respond to all the developments budding within the community as a whole?
  • Patrick questions understanding the relationship between NSTIC and ICAM.
  • John's response: FICAM is both assertion and pki based credential. ICAM's goal is broader than just Government. Simply put answer: Trust FWs and Certification programs.
  • Question: How might Kantara influence NSTIC---?
  • Response: The TFW model could be a clear way forward. This would be a great topic for continued conversation. KI could leverage it's multi-national stakeholders.

3. SAC Profiling Document Report — Myisha
    Due to time constraints, this agenda item was not discussed.

4. Recruiting Auditors & Assessors — Frank/Joni
    Due to time constraints, this agenda item was not discussed.

5. AOB

  • FAQs
    Due to time constraints, this agenda item was not discussed.

Adjourned.