LC telecon Notes 2012-08-29
Call not at quorum
LC telecon 2012-08-29
Date and Time
- Date: Wednesday, 29 August 2012
- Time: 13:00 PT | 16:00 ET | 20:00 UTC (time chart)
- Call-in toll-free number: 1-866-203-0920
- Call-in number: 1-206-445-0056
- Conference Code: 5423695925#
- International Dial-In Numbers
Agenda
- Roll Call
- Approve LC telecon Minutes 2012-08-22
- Administration:
- Executive Director report
- Action Item Review
- Quarterly Reports
- Secretary nominations
- Kantara F2F planning
- Discussion
- Trust Framework Subcommittee
- NSTIC
- all-member poll - update
- Trust Framework Work Group
- Open-Stand.org - modern paradigm for standards - (http://open-stand.org/stand-with-us/)
- WG Updates
- BoT Liaison Representative Update
- AOB
- Adjourn
Attendees
- Pete Palmer (chair) - HIAWG
- Colin Wallis - eGov
- Colin Soutar - P3WG
- Ingo Friese - Telco
- John Bradley - FI
Quorum is 6 of 11 as of 06 June 2012.
Staff:
- Heather Flanagan (scribe)
- Joni Brennan
Secretary:
- Â n/a
Non-voting:
- Tom Smedinghoff
- Sal D'Agostino
Apologies:
Minutes & Notes
Administration
Approve LC telecon Minutes 2012-08-22
minutes not approved; call not at quorum
Executive Director report
Submitted via email by Joni Brennan 29-August-2012 to LC
Events:
- Kantara will be participating in the RSA London events as part of UK Id Management Panels.Â
- Kantara will also be participating at Federal Computer Weekly's - Federal Standards event Oct 18 in DC.
- We will need to plan for the Kantara Fall F2F meeting starting now. Expecting LC to start this discussion.Â
ARB:
- Demand is growing for the Assurance program.
- Queue of 10 orgs to get some form of Approval / Recognition
IRB:
- Moving forward with partnerships
- Moving to deployment verification program
- Plan to use combination of open and commercial tools
- first uses facing Gov deployment Profiles of SAML also Profiles of OpenID Connect
NSTIC:
- Committee and WG formations moving forward.
- Next meeting F2F planned for Oct 29-30 in DC
- There will be virtual participation.
- Big goal is to finalize ByLaws and other possible controlling documents.
- Seeking to understand LC input: if Joni should put in for possible leadership role in Trust Framework WG.
Open-Stand:
- Initiative supporting transparent and consensus driven open standards development.
- IAB, IEEE, IETF, ISOC and W3C have signed to "stand" for the principles (http://open-stand.org)
- Should Kantara sign in support? (no monetary commitment - rather, a statement and right to use mark of support)
Â
Further comment on the RSA London:Â will participate in the debate session of the CryptoCommons panel
Further comment on Federal Computer Weekly: this event is meant to cover latest in US Gov't standards, and KI was invited by Experian to participate on a panel there to talk about what's happening with FICAM, identity proofing, how all the pieces fit together
Action Item Review
Action | Assigned To | Status | Description | Comments |
---|---|---|---|---|
20120425-02 | Heather Flanagan | In Progress | collect and coordinate input on changes to make to the operating agreement | Discussion on list, discussed on previous call; text still in progress |
20120530-04 | Patrick Curry, Colin Wallis, Joni Brennan, Ken Dagg | In Progress | Come up with first pass of industry classification and Venn diagram | Draft out to list for discussion; no feedback received; maybe amend this in to a slide that is sector specific |
20120822-01 | Pete Palmer | Â | Contact Bob Pinheiro re: Consumer Identity WG closure | Â |
Â
New Action Items
Action | Assigned To | Status | Description | Comments |
---|---|---|---|---|
20120829-01 | Heather Flanagan | Â | Kantara Participant poll re: dates for Kantara Plenary mtg | Â |
20120829-02 | Heather Flanagan | Â | send out e-vote to LC re: Open-Stand.org support | Â |
20120829-03 | Heather Flanagan | Â | send out a reminder to Kantara Participants re: NSTIC poll and send final results to LC, BoT on Wednesday 5 September | Â |
Â
Quarterly Reports
Secretary nominations
No nominations received
The OP states this can be an appointed role by the LC, so while nominations would be preferred, we can see about getting someone outside the LC to fill this role
Kantara F2F Planning
Face to face meetings happen twice a year (ideal) and the goal is to get as many of the membership there as possible; the smaller meeting held earlier in August was a more unique type of event
- given the other meetings scheduled through October/November, John suggests October 31, Nov 1; also have a Kantara workshop adjacent to the Smart Card alliance meeting at the end of November, possibly in DC December 3-4; October 15 - 16 also a possibility
- AI: Heather to put together a Kantara poll of all participants for these dates; note we would aim for the DC area; noting we try to align with other conference and meetings that make traveling easier; this is at least a 2 day event; rank the events not binary answers
Discussion:
Trust Framework Subcommittee
How do the trust framework components of the different WG within Kantara get centrally managed in a light-touch way; this came out of a discussion in the mini-F2F; Heather is working on a light weight charter which will look at how new requirements come in and get discussed, how the documents overall are structured, who can help oversee how the documents are arranged to make the most sense to the broadest coverage of people; next steps:
- invite chairs of assurance working groups to participate
- gather information and material, send link out for discussion, possibly as a separate call (depending on LC agenda load
note that the OP and By-Laws don't cover the creation/definition of a sub-committee meeting; a topic for a different LC
Discussion:
- Colin W: this was an idea ahead of its time when it first started, but with the rising wave of trust framework efforts in the world, there probably is interest and energy for this now
- Colin S: need to be careful of scope; this was largely thinking about maintaining and upgrading the IAF, breaking it down in to more understandable chunks; shouldn't lose sight of the more general questions that need to be handled
- Joni: pushing the power of the structure of this program, that other things can fit, so want to focus on the IAF so we have a framework ourselves to look at how other things can fit here; need a path within Kantara that gives people an option to NIST for non-gov't or non-US entities; "bring your own requirements, we'll help design a SAC"
NSTIC
- All-member poll re: NSTIC - update
- 14 responses to date, with more than half saying KI should be Participating Member, more than half saying people will participate through their employer
- AI: Heather to send out a reminder; poll will close in 1 week (Wednesday)
- Trust Framework Work Group
- this group did not meet/form at the SG face to face meeting; there is a mailing list and a "space" for this work group and the SG has asked for nominations for leadership of that working group, and Joni has been asked to accept a nomination; this group would work closely with the Accreditation Standing Committee; would like to have the leaders in place by Sept 6 (one week to decide)
- should KI take a leadership role here, or just participate? (Colin W) go for it; (Pete) go for it; (John) most of the WG are asking the question "standards? Standards for what? security for what?" and are looking for use cases and defining the question they are supposed to be answering; (Colin S) a good thing and useful, only question is would the BoT have a similar concern that they did with KI participating on the management council ? (Joni) the BoT was more concerned with the accreditation standing committee participation more than other participation; (John) as long as the WG isn't reviewing contracts, there shouldn't be a conflict of interest
- proposal: to look for a leadership role as co-chair, to be reviewed/reaffirmed at the 90-day period (group consensus, tho' note the call is not at quorum)
- Management Council update (John)
- confirmed when/where the f2f will be; general confusion around tools and how to organize lists; management council list will be opened; management council will meet every 2 weeks in the hour before this LC call
Open-Stand.org - modern paradigm for standards - (http://open-stand.org/stand-with-us/)
Email from Joni Brennan, 29-August-2012 to LC and BoT:
I bring your attention to open-stand.org which summarized as a statement of principles (http://open-stand.org/principles/) of a modern paradigm for standards development.Â
- Due process. Decisions are made with equity and fairness among participants. No one party dominates or guides standards development. Standards processes are transparent and opportunities exist to appeal decisions. Processes for periodic standards review and updating are well defined.
- Broad consensus. Processes allow for all views to be considered and addressed, such that agreement can be found across a range of interests.
- Transparency. Standards organizations provide advance public notice of proposed standards development activities, the scope of work to be undertaken, and conditions for participation. Easily accessible records of decisions and the materials used in reaching those decisions are provided. Public comment periods are provided before final standards approval and adoption.
- Balance. Standards activities are not exclusively dominated by any particular person, company or interest group.
- Openness. Standards processes are open to all interested and informed parties.
As an agenda item I'd like to ask both the Trustees and LC to discuss the OpenStand and to consider Kantara support (http://open-stand.org/stand-with-us/) for this movement. This is not a monetary commitment but a statement of support for the principles. While Kantara Initiative is not a Standards body, organizations like Kantara, industry groups, user groups ,ect depend upon the consensus based and transparent development of open standards.Â
Please consider the above at each groups earliest opportunity.
LC to review and do an e-vote: "Are these principles that KI will publicly support, and is there any feedback we would provide to the authors?
AI: HF to post an e-vote
Â
WG Updates
- HIAWG - no updates; will have a meeting tomorrow
- eGov - in the process of re-chartering; about to release the final draft and vote on it next call (or e-vote if necessary); moving from more of profiles to policy focus; charter should come to the LC before the next call; note that New Zealand also has a SAML profile that needs to be reviewed and passed over to FIWG
- P3WG - continued to work on PAC specific for US FICAM; did make a decision last call that the way the work was structured (Plenary calls alternating with ad hoc working calls) to merge the ad hoc calls in to the Plenary
- TelCo WG - focus on the paper on mobile authentication; almost have enough input to move to next phase of editing for fine tuning, organization; normally do this work in a F2F meeting so looking forward to the KI plenary so this group can plan a meeting around it
- AMDG - looking at a new charter, trying to be more clear about where Attribute Management belongs in Kantara; looking for guidance from the LC on where we should carry on the conversations we learned about attribute management that are also happening in the other Kantara WG; also the Relying Parties and the acronym soup issues need to be cleared up; (Joni) also had discussion on this in F2F so staff has taken the pen on the Attribute Management WG - the proposal is that this new group would have 2 tracks: being a central place for landscape review and liaison work for other work going by keeping a light touch status sheet of activities in this space AND a work track to focus on the concept of an attribute broker, best practices of attribute exchange - focusing in KI space for best practices and how would these practices be verified in an assessment program; no other work (that we're aware of) in that space so it's a good place for Kantara to focus
- next step: draft charter up in a place with a link; find out who would support; move forward to create a WG
- FIWG - received the eGov profile; trying to identify the deployment profiles that can fall out of that; talking to the FSTC about how the core profiles will change in SAML 2.1; the IRB tests are driven off the existing performance profiles so need to understand what needs to change
Â
Call adjourned - out of time
BoT Liason Report
Â
AOB
Â
Â
Next meeting
- Date: Wednesday, 12 September 2012
- Time: 13:00 PT | 16:00 ET | 20:00 UTC (time chart)
- Call-in toll-free number: 1-866-203-0920
- Call-in number: 1-206-445-0056
- Conference Code: 5423695925#
- International Dial-In Numbers