| | | |
---|
| Start the meeting. Call to order. Approve minute Approve agenda
| @John Wunderlich | Called to order: 13:07 ET Quorum achieved Minutes approved (no objections) : |
5 min. | Open Tasks Review | All | |
30 min. | Draft Report Discussion | @John Wunderlich | Report from Implementor’s Report sub-group
Notes: Proposing to include three canonical use cases to help illustrate the general guidance in each section it may be an interesting exercise for each item in the guidance to address each use canonical use case. This would result in three sets of guidances, each guidance with 10 principles, and each principle with three use cases. This would be significant work, but result in potentially easier downstream results when we develop the requirements two ways for identity proofing to occur; one through verifier and the other within the device (within the wallet held on the device, wherever it came from). Suggest modifying the use case to support the second case. biometric pre-check, the checking is done by the verifier (what’s going on in US airports today; walk through a scanning device that scans a person’s face). This is the name of the use case in Kantara identity proofing on device in an offline case
Still unclear how the holder, the individual fits in the outline; @Salvatore D'Agostino to add some words to the Purposes and Scope section of the PEMC Early Implementor’s Guidance Report if we’re aligning with 18013, which is what’s indicated in the charter, then the online and on-device use cases are out of scope; they seem to be very useful, however, so we may want to step back and review the charter scope the wallet has a capability to assert within the transaction that this is the person who they purports to be the problem originated with the concern that the ACLU had against the use of the driver’s licence and whether the verifier goes back to the issuer because that enables surveillance. That does make this a problem that we might well want to to address. online can occur at any time; check in online and make a physical presentation, or more asynchronously biometric-proof of identity on the device: when I present the credential (online or offline), the RP takes the credential device’s word for it that the person is who they say they are; also indicates presentation mode @Tom Jones to draft the biometric use case and online ordering and physical presentation (use Case 2) Andreas: in order to present your mDL you have to authenticate by the bound biometric added when you set up. The identity reader doesn’t get that biometric itself. They may at that point take your photo and compare it to their database. There may be future issue when it comes to proof of presence mode.
Consensus on the doc structure
|
10 min. | Government-issued Credentials and the Privacy Landscape Whitepaper - Discussion | @Heather Flanagan (Unlicensed) | Discussion of (rough) outline Rough outline of the proposed white paper; comments added directly to the doc Going forward, Heather will hold both group and individual listening sessions to collect content and feedback; goal is to have the rough editor’s draft done by the end of the year
|
5 min. | Conference highlights | | |
| Requirements Review | @John Wunderlich | Pending
|
| Other Business |
| |
| Adjourn |
|
|