• Approved
  • 2024-04-03 Meeting notes

     


    Date

    Apr 3, 2024

    Attendees

    See the Participant roster

    Voting (3 of 6 required for quorum)

    Participant

    Attending

    Participant

    Attending

    1

    Chaudhury, Atef

     

    2

    Jones, Thomas

    Y

    3

    Krishnaraj, Venkat

     

    4

    Thoma, Andreas

    Y

    5

    Wunderlich, John

    Y

    6

    Williams, Christopher

    Y

    Non-Voting

    Participant

    Attending

    Participant

    Attending

    1

    Auld, Lorrayne

     

    2

    Aronson Mark

     

    3

    Balfanz, Dirk

     

    4

    Brudnicki, David

     

    5

    D'Agostino, Salvatore

    Y

    6

    Davis, Peter

     

    7

    Dowtin, Jazzmine

    Y

    8

    Dutta, Tim

     

    9

    Flanagan, Heather

     

    10

    Fleenor, Judith

     

    11

    Glasscock, Amy

     

    12

    Graaf, Irene

     

    13

    Gropper, Adrian

     

    14

    Hodges, Gail

     

    15

    Hughes, Andrew

     

    16

    Jordaan, Loffie

    Y

    17

    LeVasseur, Lisa

     

    18

    Lopez, Cristina Timon

     

    19

    Pasquale, Jim

    Y

    20

    Snell, Oliver

     

    21

    Stowell, Therese

     

    22

    Sutor, Hannah

     

    23

    Tamanini, Greg

     

    24

    Vachino, Maria

     

    25

    Whysel, Noreen

     

    Goals

    • Review process for requirement creation and review

    • Begin work on 1.1 requirement

    Discussion items (AKA Agenda)

    Time

    Item

    Who

    Notes

     

     

    Time

    Item

    Who

    Notes

     

     

    5 min.

    • Start the meeting.

    • Call to order

    • Approve minutes

    • Approve agenda

    @John Wunderlich

    Called to order: 14:03

    Quorum reached: Yes

    Minutes to approve: Yes

    https://kantara.atlassian.net/wiki/spaces/PEMCP/pages/418709677

     

     

     

    Open Tasks Review

    All

    Link to Recommendations (Commenter Link): Recommendations for Privacy Enhancing Mobile Credentials

     

     

     

    Kantara Nano-Visions Exercise

    @John Wunderlich

    Eve Mahler has been leading the Kantara board through a nano-visions exercise, and they are looking to gather input from each group for discussion on the next Leadership Council Monthly call. @John Wunderlich will share the deck from Eve and then the group is asked to brainstorm a response.

     

     

     

    Discussion on Requirements

    @John Wunderlich

    Raised a question on the relationship between the trust failures in the environment and the device binding. John reads that to be the difference between technical trust and human trust.

    Board is looking to understand the beliefs of the PEMC work group and what is the evidences that substantiates the beliefs.

    What is the intention of the products of the workgroup? Requirements, Compliance testing, a Standard?

    In the context of mobile credentials, the WG was highlighting the risks to privacy in a mobile credential context. The first phase was scoping and now the efforts are focused on the development of the requirements.

    Evidence of empowering people to make risk decisions: PEMC is developing a mobile credential privacy trust mark to benefit both individuals and organization in the ecosystem to convey trust framework during mobile credential transactions.

    Context of location doesn’t inherently reflect the nature of the transaction or the data use. Additional requirements (UI, trust marks, organization policy, etc.) are needed to develop trust the mobile credential ecosystem.

     

    Group raised questions about third nano-vision, recommend a clarification of nano-vision. From an organizational perspective the depth of experience does not necessarily impact simplification of the assurance.

     

    Group raised the fact that there are multiple links to establish assurance in a transaction. For in-person presentations the binding is well solved by current methods. Additionally, there are other missing links in addition to the human-to-digital binding in online transactions.

     

     

     

     

    1.4 Selected Data Release (Providers)

    All

    Remains under review.

    AAMVA is having an on-going discussion with solution providers regarding selective data release. Considerations for the choice is unintended release of information, user friction.

    Sensible to consider a blanket yes/no if provider can verify the minimum requested information is requested.

    Tom: Providers should be given results and not a list of instructions.

    Loffie: Very important to have a level of trust in the relying party when data is requested.

    @John to add a note to description on trust mark exception. Modification of the statement is necessary to build an exception

     

     

     

     

     

    Start Section 2 Review

    All

    John presented a first draft of the framing context for Section 2. Put to the group for comment

     

     

     

    14:57

     

    Adjourn

     

     

     

    Next meeting

    Apr 10, 2024

    Action items

     

    Â