IAWG Bi-Weekly Meeting Minutes - 2010-01-06

Kantara Initiative Identity Assurance WG Teleconference

Notes ratified to Minutes on March 31, 2010 teleconference.

Attendees:

  • Colin Soutar
  • Shin Adachi
  • Ben Wilson
  • Pete Palmer
  • Bob Pinheiro
  • David Wasley
  • Richard Wilsher
  • Tom Smeddinghof
  • Jason Seto
  • Patrick Curry
  • Sampo Kellomaki
  • Nigel Tideschi
  • Richard Trevorah
  • Lena Kannappan
  • Dave Temoshok
  • John Bradley
  • Frank Villavicencio
  • Brett McDowell
  • Joni Brennan

1) Roll call

  • Quorum achieved

2) Review of action items/follow ups from our last call

(all past minutes can be found here http://kantara.atlassian.net/wiki/display/idassurance/Meetings+and+Minutes)

3) Status of IAWG reports and recommendation

(available here:http://kantara.atlassian.net/wiki/display/idassurance/WG+Approved+Specifications)

a. Review feedback received to date

  • Suggestion: have one single review of all of the gathered comments
    if people have follow on they can send over email earlier
  • Joni to discussed issue tracking methods
  • Patrick - How does iaf relate to PIV I activity ISO 29115 NATO Identity Directive. ID Proofing and proofing interoperability?
    Are we covering enough of the proofing to ensure other nations are aware of the IAF work (non-technical)
  • IAWG should produce and analysis of how the PIV works are comparable. Some one needs to own it as a deliverable. Call members feel there is value in this proposal. Map across the schemes has value especially at higher levels of assurance. PIV I is not yet publicly available.
    Request that David T let us know when that work is out for review.

4) Vote on two motions

(the referred documents are available here:http://kantara.atlassian.net/wiki/display/idassurance/Working+Drafts)

  • Colin - csc had submitted comments that also apply to motions on the table
  • David T - the CSC comments are helpful but should not delay the work. There is value to 'standardizing' the terms in a sense.
    sounds like 2 proposals there - one is an overview which is already actually there. So this may be an 'extending the overview'.
    looking for deeper exploration in the overview docs more discussion of the hierarchy of the docs (perhaps and in some content from OIDF communication put together by Brett). Review if there are similar terms used by SDO's and if no KI terms could be defined
  • NOTE: Part of the problem is that the ITU-T has not published their full definitions list. Thus we've not been able to review it yet.
  • Brett explained the process around Draft Recommendation releases. Additionally it was noted that these are not FINAL works. If IAWG has a vote on the drafts today we fully expect to continue to review the documents and modify them for improvement.
  • John B - is there some time pressure that the IAWG / ARB has to get these approved?
    Yes we need ratified documents to move forward on at this point. There are expectations in the ARB and Board that IAWG will ratify these documents to support the pilot program.

a. MOTION #1: The Identity Assurance Work Group hereby recognizes the "Identity Assurance Framework - Assessor Qualifications and Requirements version draft 0.6.2" as a Draft Recommendation per the Kantara Initiative Operating Procedures.

  • Ben Wilson (DigiCert) moves / Patrick Curry (Clarion Identity) second
  • Colin Soutar (CSC) abstains
  • No Discussion or Objections
  • Motion APPROVED

b. MOTION #2: The Identity Assurance Work Group hereby recognizes the "Identity Assurance Framework - Assurance Assessment Scheme version draft 0.9" as a Draft Recommendation per the Kantara Initiative Operating Procedures.

  • Ben Wilson (DigiCert) moves / Patrick Curry (Clarion Identity) second
  • Colin Soutar (CSC) abstains
  • No Discussion or Objections
  • Motion APPROVED

5) Roundtable discussion on Pro-forma and/or Donated Legal Agreements for identity federation

– Tom Smedinghoff (guest speaker)

  • Attorney with law firm in Chicago, co-chair of Federated ID Legal Task Force.
  • Started in 2009 regarding the need to address the legal side of issues. We have efforts underway with in the task force. There is a potential problem of definitions.
  • Goal: To identify all of the legal issues involved in IdM legal structure models out there or proposed structures reviewing contract language* Historically - contracts have been needed and have not been available to all players.
  • Do we wish to play a role of helping a CSP get off the ground? One concern is NOT to provide legal advice but to provide technical based feedback to contracts.
  • IAWG could help in the review of the documents. There would be high value in a type of legal checklist - here is a set of things that need to be addressed 'legally'
  • People who have interest should sign up for the list serv (http://www.abanet.org/dch/committee.cfm?com=CL320041)

6) FORG status and next steps

- Rich Furr

  • Ran out of call time.  Tabled for next call.

7) Any other business

  • None

8) Adjourn