IAWG Meeting Minutes 2012-01-11
Attendees:
Ben Wilson
Mickey Tevelow
Joe Stuntz
Myisha Frazier-McElveen
Neil Clowes
Dan Combs
Richard Trevorah
Rich Furr
Nathan Faut
Linda Goetler
Staff:
Joni Brennan
Anna Ticktin
MINUTES:
1. ADMINISTRATIVE:
- Roll Call
- Motion for minutes approval: tabled
2. FEDERAL PRIVACY PROFILE
- Pending David Wasley's final review approval, the doc will go to the group for a final vote before being brought before the LC
3. ARB UPDATE
- Electrosoft has submitted its application for accreditation
- Federation Operators Certification is being considered as a track. Discussion are in "value assessments" stages as it may be too early for the market. But KI leads the charge in the community regarding the future need for this item...
- Use Case Item : application of the SACs ...ID proofing orgs are being put forth as "parents" and credential issuance institutes are coming forth as the "child". The ARB considers this a good use case topic to be put forth in the IAWG. This item should get time on the agenda once the issue gets further refined.
- Growth of the ARB: new members/organizations are being considered as potential additions since often members must recuse themselves from reviews. It seems increased membership would aid this...giving more voices and oversight to an application review.
4. ROAD MAP
Resources Required (KAR and RP Guidelines)
- Joni advises that the proforma for the KAR might target assessor organizations to generate this report and tap relying parties to review what was addressed in this type of report.
- This report is needed soon so that assessors can provide this guidance---target Q1.
- Myisha will look into championing this from her new position at Deloitte.
- Auditing orgs would be the appropriate lead organizations on this type effort.
- ACTION ITEM 20120111-01 : Anna will reach out to eValid8 and KPMG for interest on this project (creating proforma for the KAR) as editors
- Relying parties should be suggested so that they may be included as reviewers.
5. FUNDING REPORT
- Patrick Curry sends his apologies for today's meeting and thus no report or updated is available for today's call.
6. ANSI / NASP IDPV EFFORT
Dan Combs reports...
- There is an opportunity for IAWG to provide its input on the documents currently being drafted and reviewed by various standards bodies.
- Myisha contacted Dan to suggest NIST has an interest. Dan suggests IAWG could bend the curve of this standard to be more relevant to the community and to change the course of a potentially bad standard from being delivered.
- Is there interest within the IAWG in ID proofing and verification standards?
- There was discussion at the RWC F2F around pulling the ID Proofing SAC out of the IAF and embellishing with additional criteria as necessary and thereby making the IAF more robust and responsive to the NASPO requirements.
- No provision for remote proofing. As a physical doc, it's heavy, un-focussed and misses knowledge based approaches. Use-based or info-based approaches are untouched — rather it focuses more on tech fraud.
- Neil Clowes will share the process of how the UK tackles levels of ID Proofing-noting they follow more of a "points scored" system.
7. IAF V 2.0 REVIEW
- Tabled
8. AOB
- None