Call not at quorum

LC telecon 2013-01-23

Date and Time

Date: Wednesday, 23 January 2013
Time: 13:00 PT | 16:00 ET | 21:00 UTC (time chart)
Dial-in: Skype:+99051000000481
- US Dial-In: +1-805-309-2350 | Room Code: 402-2737
- For more dial-in information, see: http://kantara.atlassian.net/wiki/display/GI/Telco+Bridge+Info

Agenda

Roll Call
Approve Minutes: LC telecon Minutes 2013-01-09
Administration:
1. Executive Director report
2. Action Item Review
3. Quarterly Reports
4. LC Chair, Vice-Chair, Secretary nominations - update
5. Update on open All-Member Ballots
  1. IAF document set
  2. At-Large BoT seats
Discussion and Votes
1. Kantara 2013 Roadmap and Business Planning
2. Proposed group: Cloud Best Practices Network Work Group
3. Subscriber vs Member
WG Updates - 2013 plans
BoT Liaison Representative Update
AOB
Adjourn

Attendees

Pete Palmer - HIAWG
Colin Wallis - eGov
Ingo Friese, Jonas Hogberg - Telco Identity

Guest

Neil McEvoy

Quorum is 6 of 10 as of 06 June 2012.

Staff:

Joni Brennan
Andrew Hughes
Heather Flanagan (scribe)

Apologies:

Minutes & Notes

MotionID	Motion	Moved	Second	Discussion / Objection	Status

Executive Director report

Sponsorship Opportunity - a hospitality night "Non profits on the loose" at RSA, put together by National CyberSecurity Alliance, Tech America, and AntiPhishing Work Group; they have asked Kantara to be a partner; Joni is looking for partners to participate in this opportunity at $1000 for up to 5 participants (normally it is a $5000 USD buy in); could break this up other ways if there are more interested participants
- the sponsors do not need to be non-profits, nor do they even need to be Kantara members
- will need to time box this since we cannot commit Kantara dollars at this time
- Please contact Joni if interested

Action Item Review

Action	Assigned To	Status	Description	Comments
20120530-04	Patrick Curry, Colin Wallis, Joni Brennan, Ken Dagg	In Progress	Come up with first pass of industry classification and Venn diagram	Added: Sal D'Agostino, Andrew Hughes, Rainer Hoerbe
20121107-01	Pete Palmer, Heather Flanagan	Open	Work with WG chairs for quarterly reports update.	All overdue WG and DG chairs notified
20121107-02	Heather Flanagan, Joni Brennan	Complete	Note to insert link to BoT 2012-11-01 minutes once they are up in draft.	Completed 19 Dec 2012
20121219-03	Heather Flanagan	Complete	Verify whether the By-Laws allow for a non-LC KI member to act as LC-BoT liaison	Posted to LC list 21-Jan-2013
20121219-04	Heather Flanagan	In Progress	Create a zip file of all current, normative documents in the IAF	Will complete after Ballot has concluded
20121219-05	Heather Flanagan	Complete	Send out the IAF documents for an All-Member Ballot	Sent to all 14-Jan-2013
20121219-06	Heather Flanagan	Complete	Send an email framing the Subscriber vs Member issue to the LC list for discussion	Sent to LC 21-Jan-2013
A-20130109-01	Heather Flanagan	Complete	Add election timing to LC Roster	See Roster

Discussion of Action Items

Quarterly Reports

See Quarterly Reports

Reminder sent to LC list re: Quarterly Reports

Nominations

FIWG Chair open for nomination
IAWG ViceChair open for nomination

Discussion

Proposed group: Cloud Best Practices Network Work Group

the name should be the Cloud Identity and Security Best Practices Work Group
started talking about this over about a year ago, but with work schedules had to put it on the back burner for a few months
A few highlights
- also helping launch a UTC in OASIS - Cloud Computing, Open Standards and Best Practices
- for some recent developments, Neil has been invited to talk to the GSA Cloud Computing group to talk about the common issues in this space
Comments
- looking for a succinct way this could be positioned for LC members: it is Kantara identity assurance and interop certifications on an IDaaS

- how does the OASIS group differ from Kantara? - OASIS is focusing on all aspects of cloud computing, and embedded the role of Kantara to focus on specifically on the identity issues
- Several industry leaders in security and cryptography are partnering at the OASIS open standards consortium to update and enhance the PKCS #11 standard: RSA/EMC, SafeNet, Thales, SecureAuth, Cryptsoft, Athena Smartcard, HP, Oracle, Quintessence Labs, Bloomberg, and University of Auckland. Surescripts is invited to contribute technical requirements and design through participation in the OASIS Technical Committee. Where does this fit in with other initiatives?
  - the other initiatives are all general, and PKCS are to package them for government implementation so they can be audited against specific compliance
- in Section 4, is there an additional item that might be worthwhile? maybe an assessment template to provide to auditors? How would you go about assessing a cloud provider?
  - Kantara would basically form the identity piece of the overall assessment template needed in this space
- Are there any IDaaS providers interested in this, or is this presuming a business? there are early adopters such as Verizon already in the market, and others are expected to follow; as soon as there are procurement templates, more will follow
- Are you aware of the OASIS DSS-X standard that could enable digital signing in the cloud? the IAF currently does not envision the use of of a non-PKI LoA 3 credential to authenticate for the use of a signing key in the cloud. Would your new effort provide guidance for this in the future?
  - yes, they would be a clearing house for all the OASIS standards
- Next steps are for HF to send out an e-ballot to the LC list, including the notes from today's LC call

Kantara 2013 Roadmap and Business Planning

Subscriber vs Member

WG Updates

BoT Liason Report

AOB

New Action Items

Action	Assigned To	Description
A-20130123-01	Heather Flanagan	Send out an e-ballot for the creation of the CloudIDSec WG

Next meeting

Date: Wednesday, 30 January 2013 - Strategy call; 06 February 2013 - Admin Call

Time: 13:00 PT | 16:00 ET | 21:00 UTC (time chart)

Call-in toll-free number: 1-866-203-0920

Call-in number: 1-206-445-0056

Conference Code: 5423695925#

International Dial-In Numbers

Browser not supported