Kantara Initiative Identity Assurance WG Teleconference

Date and Time

Date: Thursday, 2015-03-26
Time: 12:00 PST | 15:00 EST | 20:00 UTC (Time chart - US Standard Time )
Time: 12:00 PDT | 15:00 EDT | 19:00 UTC (Time chart - US Daylight Saving Time )
United States Toll +1 (805) 309-2350
Alternate Toll +1 (714) 551-9842
Skype: +99051000000481
- Conference ID: 613-2898
International Dial-In Numbers

Agenda

Administration:
1. Roll Call
2. Agenda Confirmation
3. Minutes approval: IAWG Meeting Minutes 2015-02-19, DRAFT IAWG Meeting Minutes 2015-02-26, DRAFT IAWG Meeting Minutes 2015-03-12
4. Action Item Review
  1. Richard Wilsher to provide proposed change that reflects the ISO/IEC 19790 approach
5. Staff reports and updates
6. Assurance Review Board (ARB) and Leadership Council (LC) reports and updates
7. Call for Tweet-worthy items to feed (@KantaraNews or #kantara)
Discussion
1. NIST SP 800-63 commentary round-up
AOB
Adjourn

Attendees

Link to IAWG Roster

As of 2015-01-22, quorum is 6 of 11

Use the Info box below to record the meeting quorum status

Meeting achieved quorum

Voting

Ken Dagg (C)
Andrew Hughes (VC)
Scott Shorter (S)
Rich Furr
Lee Aber
Devin Kusek
Cathy Tilton
Adam Madlin
Richard Wilsher

Non-Voting

Bob Pinheiro
Björn Sjöholm

Staff

Joni Brennan

Regrets

None

Notes & Minutes

Administration

Minutes Approval

IAWG Meeting Minutes 2015-02-19, DRAFT IAWG Meeting Minutes 2015-02-26, DRAFT IAWG Meeting Minutes 2015-03-12

Motion to approve minutes of 2015-02-19: Andrew Hughes
Seconded: Rich Furr
Discussion:
Motion carried

Motion to approve minutes of 2015-02-26:
Seconded:
Discussion: Scott Shorter to update the minutes to reflect that the actual notes were lost by user error.
Motion: Defeated

Motion to approve minutes of 2015-03-12: Andrew Hughes
Seconded: Adam Madlin
Discussion:
Motion Carried

Action Item Review

Richard Wilsher to provide proposed change that reflects the ISO/IEC 19790 approach

Staff Updates

Leadership Council (LC) Updates

Ken reports that the Trust Framework Metamodel and Business Case for Trust Frameworks groups are being shut down before long.
Kantara is receiving attention for approval of UMA and the Principles of Identity Relationships - being promoted at upcoming events
SecureKey has joined the Kantara board of trustees

ARB updates

No specific updates.

Discussion

Returning to the topic of NIST 800-63, Electronic Authentication Guidance. NIST is contemplating how to proceed with revision to that document. As IAWG we are trying to prepare to gather thoughts and be coherent when the call comes.

Andrew has an outstanding task to contact Paul Grassi from NIST regarding thoughts from tthe IAWG on how to gather comments from industry. Group consensus seems to be that an RFI is the way to proceed, a reasonable mechanism for NIST to use to gather information. Possibly with follow up workshops as well.

Andrew hoped that we could tackle a high level discussion of the areas that need work in 800-63

General areas of potential comment: governance, technical, fit/flexibility, document structure

Cathy Tilton provides Example - Daon's comments on biometrics as an additional authentication factor instead of an unlock mechanism for authentication token. Also said there's a need to handle mobile devices better.

Bob Pinhiero asks about liveness tests. Cathy responds that this is part of why it would be an added authentication factor instead. Bob brings up the yubico example of a crypto token that's stored and unlocked with biometrics (which is already permitted). Cathy points out that LOA2 allows proof of possession of the device, and LOA3 adds additional factor. Daon product has some liveness detection, but NIST states that it varies by biometric modality and they have no standard for determining the effectiveness of a liveness measure. They also do not have accuracy requirements for the basic biometrics either.

Ken Dagg states the concern that we don't know if NIST is looking for things that should be included or potential solutions to things that can be included.

Andrew captured a number of items on a mind map which the team reviewed via join.me

Next meeting in two weeks.

AOB

Carry-forward Items

Attachments

Next Meeting

Date: Thursday, 2015-04-09
Time: 12:00 PT | 15:00 ET | 20:00 UTC (Time chart - US Standard Time)
Time: 12:00 PDT | 15:00 EDT | 19:00 UTC (Time chart - US Daylight Saving Time )
United States Toll +1 (805) 309-2350
Alternate Toll +1 (714) 551-9842
Skype: +99051000000481
- Conference ID: 613-2898
International Dial-In Numbers

Browser not supported