IAWG Meeting Minutes 2011-07-06
Attendees:
Rainer Hoerbe
Bill Braithewaite
Myisha Frazier-McElveen
Richard Trevorah
David Wasley
Ben Wilson
John Bradley
Rich Furr
Colin Soutar
Apologies
Patrick Curry
Kay Bross
Linda Goettler
Staff:
Joni Brennan
Anna Ticktin
Minutes:
1. ADMINISTRATIVE:
- Roll Call
- Motion for minutes approval: 22 June 2011
- Rich Furr moves to approve the minutes. John Bradley seconds. With no further discussion or objection, the minutes are approved.
Action item review:
- ACTION ITEM 20110622-02 JONI will draft language around an Attribute Assurance charter. In progress.
2. ICAM Privacy requirements — Rich
- The requirements are unachievable and this is a wide-spread community belief.
- However, there are indications from Deb Gallagher that this is intended more as guidance and less as requirements.
- It is agreed by most on the call that the focus should be on NSTIC because their developments have more legally binding implications.
- Our best way forward is to work with FICAM to ensure this functions AS guidance ONLY , as Deb Galligher has stated multiple times, in order to support our efforts developing future standards.
- One possible way to move forward might be to require that IdPs and CSPs only provide the unique individual abstract identifier as part of the identity assertion process. The Federal SAML protocol does allow for out of band attribute queries on the part of the RP which would not be covered under these privacy provisions. This would allow the acceptance of the guidance as written while further work is done to move forward. This approach greatly simplifies the impact of the privacy guidance.
- InCommon feels like it can live with these requirements as they stand and aims to move forward by drafting introductory text addressing alternatives to the the "realtime" requirements.
- Attaching the ICAM Privacy requirements to the Kantara Federal Privacy Profile along with Kantara-crafted introductory text seems like the next step for Kantara.
- Rich will draft a recommendation on behalf of the IAWG to the ARB : so they understand the future impact of accepting this language.
3. SCA
- follow up with John Bradley, re: draft language around the SC space and Kantara Trust Framework initiatives (Did not address on the call).
- solidify content and form an agenda for the Summit so IAWG / Dervla can work with SCA in cross-promotion, publicizing, etc... (Did not address on the call).
4. TFMM WG's draft of an assurance level model from a credential life cycle perspective — Rainer
- Due to time constraints, Rainer asks that members read the draft and prepare feedback for next week's call.
5. Funding Reports
- This item will be pushed to next week's agenda.
6. AOB