IAWG Meeting Minutes 2014-07-24

Owned by Former user (Deleted)
Last updated: Sept 04, 2014
3 min read

Kantara Initiative Identity Assurance WG Teleconference

 

Minutes approved on 2014-09-04 call

Date and Time

Agenda

NOTE: Carried over from 2014-07-14 which was not quorate

  1. Administration:
    1. Roll Call
    2. Agenda Confirmation
    3. Minutes approval: IAWG Meeting Minutes 2014-07-10
    4. Staff reports and updates
  2. Discussion
    1. FICAM TFS TFPAP v2 TFP Statement of Adoption update
    2. DRAFT IAF-3250 (S3A) status update
    3. US FICAM Profile - Shorter
    4. Profiling Rules - finalization request from ARB
  3. AOB
    1.  
  4. Adjourn

 Attendees

Link to IAWG Roster

As of 2014 May 6, quorum is 7 of 11

 

Meeting was quorate

 

Voting

  • Rich Furr ( C)
  • Andrew Hughes (S)
  • Scott Shorter
  • Richard Wilsher
  • Devin Kusek
  • Bill Braithwaite
  • Matt Thompson
  • Cathy Tilton

Non-Voting

  • Ken Dagg
  •  Colin Wallis

Staff

  •  Marjissa Jadrosich
  • Joni Brennan

Regrets

Notes & Minutes

Administration 

Minutes Approval

IAWG Meeting Minutes 2014-07-10

Motion to approve minutes of 2014-07-10: Thompson
Seconded: Kusek
Discussion: None
Motion Carried 

Staff Updates

  • 2 Fall events upcoming - check the main events page

Discussion

  • FICAM TFPAP v2 
    • Use the tables in the IAF 1400 to seed the mapping
    • IAF 5463 - useful mappings sources
    • Need to think more about the mapping of component terms - the new AP might be a function of a Kantara Authentication response.
  • IAF 3250 (S3A)
  • US FICAM Profile / restructuring
    • 2 proofs of concept have been circulated by Shorter 
    • Goal is to be able to express more than one profile 
      • To reorganize the IAF such that a FICAM profile is created based on a core set
    • v0.3 might be a mapping of the existing SAC v4 to this new format
    • This will be a substantial effort
    • Please comment back to Scott
    • Wilsher: this work is not the same as the TFPAP v2 conformance letter - this is a major change that would need to go through the 45 day public review process
      • Need to consider impact on approved entities and overall costs to do the work, and review cycles
    • The work is necessary for use in other jurisdictions
    • Q: Can the current v4 be profiled for use in Government of Canada?
      • A: From memory, there were some criteria that were in excess of what GC considered necessary.
      • A: Since the Profile technique only requires a tightening from the base, this causes incompatibility
    • Q: To what extent will the restructuring help GC to use the SAC?
      • A: Would need further study to determine, but sounds promising
    • There is much variation between schemes around things like proof of identification - this must be rationalized and managed
    • Dagg: perhaps this could considered as parameterization to meet the local requirements?
  • Profiling rules
    • Please read and review so that we can finalize approval of the document
    • The current draft is solid and stable, including the requirement to profile for increasing strength/rigour.
    • Next version of the Profiling rules could consider new approaches (some of which were discussed today)
    • Q: How does comparability line up with this? 
      • A: Comparable controls are at the implementation side of the Profile. The Profile is fixed - how it is implemented by a CSP could include comparable controls.
    • Note that the methods used by Government of Canada would not meet the requirements as stated in the SAC - simply because they have chosen different techniques
      • Note also that GC has contracts with 
    • Motion: To approve current draft of IAF 3410 (Profiling Rules) document to be v1.0 and to begin a review to ascertain approaches to satisfy multiple jurisdictional profiles to meet global requirements. :Wilsher; Second: Hughes; Opposed: None; Motion carries.

 

AOB

 

 

Next Meeting