Customise the different types of events you'd like to manage in this calendar.
#legIndex/#totalLegs
RESTRICT THE CALENDAR
Optionally, restrict who can view or add events to the team calendar.
#legIndex/#totalLegs
SHARE WITH YOUR TEAM
Grab the calendar's URL and email it to your team, or paste it on a page to embed the calendar.
#legIndex/#totalLegs
ADD AN EVENT
The calendar is ready to go! Click any day on the calendar to add an event or use the Add event button.
#legIndex/#totalLegs
Contributions updates
Status
Issues
Next period plan
Chair
JJ - Experian Remote ID proofing to NIST IAL2
Stuart - UK Housing
Joe - W3C
John - Aadhaar
Aasim - end next week estimate
John - Peru
RENIAC - submitting soon
John - Mexico
End next week estimate
Andrew - Alipay
Andrew to use Chinese financial regulator rules to create a use case; Alipay folks are looking for best path to contribute their use cases
Peter - Airside Mobile
Others?
Terry - USPS x 5
Has mapped the use case steps back to requirements of NIST SP 800-63-3A
Comment: is it possible to reach IAL2 without using a photo?
Walked through In Person Proofing As A Service use case
Q: Is it always necessary to check with an issuer/authoritative source? Or is an examination of the security features of the credential sufficient?
A: 63-3A there's an issue that an 'Authoritative Source' must have access to the data at the 'Issuing Source' - this is not practical in many/most cases - so compensating controls are required.
63-3A says 'published by an issuing source' - technically, for example, a drivers license is 'published' so does that count?
Walked through Device ID and Reputation case
explores what is meant as 'evidence' and how risk-based insights about the person/browser agent could be folded into recognition processes (e.g. device fingerprinting)
Comments: Look into valididy to see if they have material for this DG
Comments: taking ongoing relationship with RP into account to elevate IAL over time - e.g. ongoing use of financial services
Writing teams updates
Status
Issues
Next period plan
Chair
AOB
Chair
Terminology discussion
Joe - email looking at the terminology 'replacement rule' - boils down to comparison between two 'entities' that are actually different - this should be resolved somehow
Richard - might be useful to qualify the term 'entity' with adjectives describing what stage of 'proofing-ness' it has attained so far (paraphrased)
Joe - the objective is to compare the information about the applicant to the identity information records held at the authoritative sources to determine if the applicant is the expected entity (paraphrased)
Richard - describe this a 'presented profile' from the applicant versus the 'recorded profile' held at the authoritative source (paraphrased)
This needs more analysis - on the list
Adjourn
Chair
Next DG meeting Wednesday, February 06, 2019 11:00 Pacific Standard Time / 14:00 Eastern Standard Time / 19:00 GMT
