Date
2018-09-19
Representation
NOTE: As of February 2018 for calculation of quorum there are 8 Work Groups.
Agenda and Meeting Notes
| Topic | Desired Outcome |
|---|
| Meeting Administration |
| Roll Call |
|
| Agenda Confirmation | - Agenda for this month's Leadership Council call:
- Member/Participant meeting on October 26 - what will we work on?
- Reminder to update/re-confirm charters and leadership elections
- Need to fill one seat to join Ken Dagg to represent Members on the Kantara Board - must be an active Chair/Vice
- Your workplans for 2019 - what will your Group deliver? - Upcoming conferences and speaking proposals
- AOB
|
| Minutes confirmation |
Draft minutes for approval: 2018-04-25 Meeting notes DRAFT 2018-03-21 Meeting notes DRAFT 2018-02-21 Meeting notes DRAFT 2018-01-17 Meeting notes DRAFT 2017-12-20 Meeting notes DRAFT 2017-11-15 Meeting notes DRAFT 2017-10-18 Meeting notes DRAFT 2017-08-16 Meeting Notes DRAFT 2017-05-17 Meeting Notes DRAFT 2017-03-15 Meeting Notes DRAFT 2017-01-18 Meeting Notes DRAFT "To approve listed meeting minutes" Motion by: Second: Discussion: Result:
|
| Organizational Updates |
| Executive Director and Staff Report | Director's Corner: 2018: August Keeping up with Kantara: 'Keep up with the Kantarians' email blasts |
| LC Chair Report | The Kantara Initiative is the global consortium improving trustworthy use of identity and personal data through innovation, standardization and good practice. |
| New Business |
| Member meeting October 26 2018 | From 2018-08 call: - 3 hours in San Francisco, Friday after IIW
- Discussion about requirements for data porting from one provider to another - possibly in reaction to the "Data Portability Project" of Google/MS/Twitter/others
- Scott Ferman - responsible for the Forgerock Demo platform - a 'real' UMAnitarian - might be interested in attending. Also someone from Eve's team.
- Maybe UMA interop for conformance testing? (Gluu, Forgerock, WSO2, KeyCloak, other HEART/Healthcare-focused)
- Possibly Consent Receipt topics (next version of schema, develop next demo)
- Graph models for relationship expression? UMA business relationship graphs/design patterns?
- Colin has opened registration for the October 26 2018 event
- ACTION: Andrew to create an agenda for the Plenary & share it
2018-09-19 call: - Possible "Personal Information Protection Company" (PIPC) pilot discussion (David Thelander)
- A joint WG piece of work
- Discussion on how to align or unify WG activities
- Discussion on a "Product Roadmap" for 'Consent'
- Assurance: roadmap discussion on IAF, IDEF, Privacy assurance
- e.g. a new DG about how IAF and IDEF inter-relate
- How to engage with Consumer Reports (Privacy & Security ratings)
- Evolution/roadmap of conformity assessment program
- The IDEF charter looks very broad
- Conformance testing
- Gluu has done some interop testing with KeyCloak - very useful
- Gluu is reaching out to WSO2 who is now out of beta
- Eve anticipates that more 1:1 matrix testing will occur in 2018 - leading to more formal testing program in 2019
- (sidebar) Korea / KISA is interested in UMA conformance testing - we need to find out what deployments exist
|
| AOB | - The "Blinding Identity" taxonomy sounds like a good idea - keep talking about it.
- Q: Is the IDESG Privacy committee intending to startup in Kantara? Other committees?
|
| 'Adoption' theme for 2019 | - For example - for the Consent Receipt spec, CIS WG decided to do the CR Interop Demo at MyData in Helsinki. It's a forcing function to get products to include code to generate, consume and otherwise 'deal with' consent receipts
- Data interchange between 'wallets'?
- From the UMA Charter:
- To promote UMA adoption
- For example, by offering support for profiling and extension creation and creating educational materials
- To promote interoperability of independent implementations of UMA
- Vendors are starting to implement - tech interop will have to happen
- Deepening the usage patterns for UMA - ongoing
- Consider developing specific extensions for specific use cases (e.g. sector-oriented/'verticals' profiles like for HEART) - also looking at 'horizontal' profiles. e.g. enterprise case where enterprise access rules override the RS Owner's policy direction
- Gluu: scope expressions
- Possible interaction with Rebooting Web of Trust community for Decentralized Identifiers? There are at least 3 interaction points where UMA could intersect with DIDs. e.g. HIE of One.
- OAuth authorization endpoint, Claims authorization endpoint might be intersections with DIDs
- Jarrod Hansen's (Auth0) Identiverse talk - API Authorization proposal - big opportunity if we can engage him - passport.js
|
| WG/DG Updates | Administrative Reminders/Requests: Please ensure your WG and DG charters are reasonably current. These are supposed to be reviewed annually. IRM WG - OTTO WG - UMA WG - BSC DG - IA WG -
CIS WG -
Consent Solutions WG - eGov WG - FI WG - IDoT DG- |
| Launching New WG/DG's |
|
| New publication type | - Andrew proposes to define a new type of Kantara publication: the 'Best Current Practice' Recommendation. This would follow the same intent as with IETF BCP documents.
- Currently the publication type: 'Recommendation' has sub-types of 'Recommendation' and 'Technical Specification'. The 'Best Current Practice' would become a third sub-type.
"The BCP subseries of the RFC series is designed to be a way to standardize practices and the results of community deliberations. A BCP document is subject to the same basic set of procedures as standards track documents and thus is a vehicle by which the IETF community can define and ratify the community's best current thinking on a statement of principle or on what is believed to be the best way to perform some operations or IETF process function." Ref: IETF BCP 9
|
| Long-running Topics |
| Action Items Review | Please take a moment to review the list of action items and do your best to take action. |
| Policies & Procedures update | Operating Procedures are being updated to match the current version of Bylaws. Some streamlining and addition of document publication procedures is being done as well. New boilerplate templates for email ballots are being created. |
| Tips and Tricks |
|
| 2019 Project Funding |
|
| Document repo/Publications Library |
|
| Kantara-presence Events | List of future events on KantaraInitiative.org |
| Plenary planning |
|
Discussion
Events with Kantara presencehttps://kantarainitiative.org/events/ | Conference | Location | Dates | Call for Speakers | Comments |
|---|
| KnowIdentity 2018 | Washington | March 26-28, 2018 | Closed | Kantara panel with Colin, Scott Shorter (Kuma), Id.me (Tracy Hulver), Mary Hodder, Andrew. Any members speaking? | | IAPP Global Privacy Summit 2018 | Washington | March 25-26; March 27-28, 2018 | Closed |
| | IIW #XXVI | Mountain View | April 3-5, 2017 | n/a |
| | ID North Executive Session | Montreal | Mid-april |
|
| | RSA 2018 | San Francisco | April 16-20, 2018 | Closed |
| | Internet2 Global Summit 2018 | San Diego | May 6-9, 2018 | Closed |
| | EIC 2018 | Munich | May 15-18, 2018 | Closed | Who is speaking?
| | Kantara International Privacy Summit | London | May 22, 2018 | n/a | Kantara's first ever branded conference | | IAPP Canada Privacy Symposium 2018 | Toronto | May 22-23; May 24-25, 2018 | Closed |
| | ID North | Toronto |
|
|
| | Identiverse 2018 | Boston | June 24-27, 2018 | Closed | Who is speaking? Eve, Sal, Mark, Mike have been accepted so far | | myData 2018 | Helsinki | August 29-31, 2018 | April 5, 2018 |
|
** Not listed on Kantara site yet |
Action Items