IAWG Meeting Notes 2011-07-27
Attendees:
Myisha Frazier Mc-Elveen
Ken Dagg
Ben Wilson
Colin Soutar
Lena Kannappan
Linda Goettler
David Wasley
Richard Trevorah
Staff:
Dervla O'Reilly
Joni Brennan
NOTES:
1. Administrative
- Roll Call
- Motion for minutes approval: 6 July 2011 (quorum not reached)
- Action item review - ACTION ITEM 20110622-02 JONI will draft language around an Attribute Assurance charter. In progress. Joni will contact John Bradley, he has done some work - still open, discuss on next call.
2. Briefing on Kantara & OpenID Summit, 8am-2pm, July 19 - Joni Brennan
- Morning focussed on OpenID Connect - Nat Sakimura & John Bradley are putting spec in a better format. OpenID Connect is based on OAUTH spec. and the plan is to launch in October with an Interop demo. Kantara will participate.
- UMA WG highlighted their control to data (based on OAUTH).
- YubiKey - new identity provider presentation. Development of SAML support site by 2013.
- Salesforce - user centric community came together many years ago, didn't want to see Enterprise own all identities. Years on, we see the likes of Google and Facebook owning identities - full circle. All audiences should be considered.
- IAF summary talk - good interest from the audience, conveyed the work at levels 2.5 and need to have some flexibility to LOAs. How do we fit LOAs to use cases today and make them adoptable? We need to focus on relying parties.
- Jeremy Grant provided an impromptu talk. They expect industry to just go with it. There was a 3rd NSTIC workshop planned for September, they may cancel and focus on the formation of Steering Committee.
- Eve Maler - OASIS, IDCommons, Internet2, OIX, Confusion regarding definition - privacy is important, other side is if privacy is at the forefront then business gets lost.
3. Funding Reports - Joni Brennan
- We asked TERENA if they are willing to fund / grant for projects based in EC. TERENA would like to know what Kantara can bring to the table before they can invest further. Patrick is focussed on the trust framework meta model - he can share thoughts focussed on this. Joni can build that into the proposal. Progress is being made.
- P3 WG: were originally planning to fund for 3 workshops this year. They are now changing that proposal and engaged with a subject matter expert to develop privacy investment criteria against the privacy profile.
- Beacon Group: Myisha presented and highlighted IAWG, the trust framework, how IA interacts with ARB. The presentation was very well received.
4. SCA
Solidify content and form an agenda for the Summit so IAWG / Dervla can work with SCA in cross-promotion, publicizing, etc.. This item carried over from June 22 call, themes discussed:
- "Smart Cards and More"
- "Strong Authentication for Large Populations: Smart Cards and More"
- John / David : there is synergy between a smart card having an identifier that can be strongly bound to a person. (SAML-based service that could provide information about that identifier.)
- "Smarter Card: Strong authentication and Rich identity"
- HIAWG could put forth its PIDS as a use case and partner it's efforts with IAWG
Myisha will most likely attend as will Colin Soutar, Linda Goettler. David Wasley TBD.
Current agenda: http://kantara.atlassian.net/wiki/display/GI/Kantara+Initiative+Summit+2011+11+01
A panel to follow Session 1 could be Smarter Card: Strong Authentication and Rich identity.
6. AOB
Informational note. The ARB has accepted privacy guidance to assessors for the FICAM program. We need to incorporate a reference stack for the IDmanagement.gov page into our stack. Add this to next call, reference federal privacy profile.