LC telecon Notes 2013-01-23
Call not at quorum
LC telecon 2013-01-23
Date and Time
- Date: Wednesday, 23 January 2013
- Time: 13:00 PT | 16:00 ET | 21:00 UTC (time chart)
- Dial-in:Â Skype:+99051000000481
- US Dial-In: +1-805-309-2350 | Room Code: 402-2737
- For more dial-in information, see: http://kantara.atlassian.net/wiki/display/GI/Telco+Bridge+Info
Agenda
- Roll Call
- Approve Minutes: LC telecon Minutes 2013-01-09
- Administration:
- Executive Director report
- Action Item Review
- Quarterly Reports
- LC Chair, Vice-Chair, Secretary nominations - update
- Update on open All-Member Ballots
- IAF document set
- At-Large BoT seats
- Discussion and Votes
- Kantara 2013 Roadmap and Business Planning
- Proposed group: Cloud Best Practices Network Work Group
- Subscriber vs Member
- WG Updates - 2013 plans
- BoT Liaison Representative Update
- AOB
- Adjourn
Attendees
- Pete Palmer - HIAWG
- Colin Wallis - eGov
- Ingo Friese, Jonas Hogberg - Telco Identity
Guest
- Neil McEvoy
Quorum is 6 of 10 as of 06 June 2012.
Staff:
- Joni Brennan
- Andrew Hughes
- Heather Flanagan (scribe)
Apologies:
Minutes & Notes
MotionID | Motion | Moved | Second | Discussion / Objection | Status |
---|---|---|---|---|---|
 |  |  |  |  |  |
Executive Director report
- Sponsorship Opportunity - a hospitality night "Non profits on the loose" at RSA, put together by National CyberSecurity Alliance, Tech America, and AntiPhishing Work Group; they have asked Kantara to be a partner; Joni is looking for partners to participate in this opportunity at $1000 for up to 5 participants (normally it is a $5000 USD buy in); could break this up other ways if there are more interested participants
- the sponsors do not need to be non-profits, nor do they even need to be Kantara members
- will need to time box this since we cannot commit Kantara dollars at this time
- Please contact Joni if interested
Action Item Review
Action | Assigned To | Status | Description | Comments |
---|---|---|---|---|
20120530-04 | Patrick Curry, Colin Wallis, Joni Brennan, Ken Dagg | In Progress | Come up with first pass of industry classification and Venn diagram | Added: Sal D'Agostino, Andrew Hughes, Rainer Hoerbe |
20121107-01 | Pete Palmer, Heather Flanagan | Open | Work with WG chairs for quarterly reports update. | All overdue WG and DG chairs notified |
20121107-02 | Heather Flanagan, Joni Brennan | Complete | Note to insert link to BoT 2012-11-01 minutes once they are up in draft. | Completed 19 Dec 2012 |
20121219-03 | Heather Flanagan | Complete | Verify whether the By-Laws allow for a non-LC KI member to act as LC-BoT liaison | Posted to LC list 21-Jan-2013 |
20121219-04 | Heather Flanagan | In Progress | Create a zip file of all current, normative documents in the IAF | Will complete after Ballot has concluded |
20121219-05 | Heather Flanagan | Complete | Send out the IAF documents for an All-Member Ballot | Sent to all 14-Jan-2013 |
20121219-06 | Heather Flanagan | Complete | Send an email framing the Subscriber vs Member issue to the LC list for discussion | Sent to LC 21-Jan-2013 |
A-20130109-01 | Heather Flanagan | Complete | Add election timing to LC Roster | See Roster |
Discussion of Action Items
Quarterly Reports
Reminder sent to LC list re: Quarterly Reports
Nominations
- FIWG Chair open for nomination
- IAWG ViceChair open for nomination
Discussion
Proposed group: Cloud Best Practices Network Work Group
- the name should be the Cloud Identity and Security Best Practices Work Group
- started talking about this over about a year ago, but with work schedules had to put it on the back burner for a few months
- A few highlights
- also helping launch a UTC in OASIS - Cloud Computing, Open Standards and Best Practices
- for some recent developments, Neil has been invited to talk to the GSA Cloud Computing group to talk about the common issues in this space
- Comments
- looking for a succinct way this could be positioned for LC members: it is Kantara identity assurance and interop certifications on an IDaaS
- how does the OASIS group differ from Kantara? - OASIS is focusing on all aspects of cloud computing, and embedded the role of Kantara to focus on specifically on the identity issues
- Several industry leaders in security and cryptography are partnering at the OASIS open standards consortium to update and enhance the PKCS #11 standard: RSA/EMC, SafeNet, Thales, SecureAuth, Cryptsoft, Athena Smartcard, HP, Oracle, Quintessence Labs, Bloomberg, and University of Auckland. Surescripts is invited to contribute technical requirements and design through participation in the OASIS Technical Committee. Where does this fit in with other initiatives?
- the other initiatives are all general, and PKCS are to package them for government implementation so they can be audited against specific compliance
- in Section 4, is there an additional item that might be worthwhile? maybe an assessment template to provide to auditors? How would you go about assessing a cloud provider?
- Kantara would basically form the identity piece of the overall assessment template needed in this space
- Are there any IDaaS providers interested in this, or is this presuming a business? there are early adopters such as Verizon already in the market, and others are expected to follow; as soon as there are procurement templates, more will follow
Are you aware of the OASIS DSS-X standard that could enable digital signing in the cloud? the IAF currently does not envision the use of of a non-PKI LoA 3 credential to authenticate for the use of a signing key in the cloud.  Would your new effort provide guidance for this in the future?
- yes, they would be a clearing house for all the OASIS standards
- Next steps are for HF to send out an e-ballot to the LC list, including the notes from today's LC call
Kantara 2013 Roadmap and Business Planning
Subscriber vs Member
WG Updates
BoT Liason Report
AOB
New Action Items
Action | Assigned To | Description | Comments |
---|---|---|---|
A-20130123-01 | Heather Flanagan | Send out an e-ballot for the creation of the CloudIDSec WG | Â |
 |  |  |  |
 |  |  |  |
Â
Next meeting
Date: Wednesday, 30 January 2013 - Strategy call; 06 February 2013 - Admin Call
Time: 13:00 PT | 16:00 ET | 21:00 UTC (time chart)
Call-in toll-free number: 1-866-203-0920
Call-in number: 1-206-445-0056
- Conference Code: 5423695925#