2024-04-03 Meeting notes

 


Date

Apr 3, 2024

Attendees

See the Participant roster

Voting (3 of 6 required for quorum)

Participant

Attending

Participant

Attending

1

Chaudhury, Atef

 

2

Jones, Thomas

Y

3

Krishnaraj, Venkat

 

4

Thoma, Andreas

Y

5

Wunderlich, John

Y

6

Williams, Christopher

Y

Non-Voting

Participant

Attending

Participant

Attending

1

Auld, Lorrayne

 

2

Aronson Mark

 

3

Balfanz, Dirk

 

4

Brudnicki, David

 

5

D'Agostino, Salvatore

Y

6

Davis, Peter

 

7

Dowtin, Jazzmine

Y

8

Dutta, Tim

 

9

Flanagan, Heather

 

10

Fleenor, Judith

 

11

Glasscock, Amy

 

12

Graaf, Irene

 

13

Gropper, Adrian

 

14

Hodges, Gail

 

15

Hughes, Andrew

 

16

Jordaan, Loffie

Y

17

LeVasseur, Lisa

 

18

Lopez, Cristina Timon

 

19

Pasquale, Jim

Y

20

Snell, Oliver

 

21

Stowell, Therese

 

22

Sutor, Hannah

 

23

Tamanini, Greg

 

24

Vachino, Maria

 

25

Whysel, Noreen

 

Goals

  • Review process for requirement creation and review

  • Begin work on 1.1 requirement

Discussion items (AKA Agenda)

Time

Item

Who

Notes

 

 

Time

Item

Who

Notes

 

 

5 min.

  • Start the meeting.

  • Call to order

  • Approve minutes

  • Approve agenda

@John Wunderlich

Called to order: 14:03

Quorum reached: Yes

Minutes to approve: Yes

https://kantara.atlassian.net/wiki/spaces/PEMCP/pages/418709677

 

 

 

Open Tasks Review

All

Link to Recommendations (Commenter Link): Recommendations for Privacy Enhancing Mobile Credentials

 

 

 

Kantara Nano-Visions Exercise

@John Wunderlich

Eve Mahler has been leading the Kantara board through a nano-visions exercise, and they are looking to gather input from each group for discussion on the next Leadership Council Monthly call. @John Wunderlich will share the deck from Eve and then the group is asked to brainstorm a response.

 

 

 

Discussion on Requirements

@John Wunderlich

Raised a question on the relationship between the trust failures in the environment and the device binding. John reads that to be the difference between technical trust and human trust.

Board is looking to understand the beliefs of the PEMC work group and what is the evidences that substantiates the beliefs.

What is the intention of the products of the workgroup? Requirements, Compliance testing, a Standard?

In the context of mobile credentials, the WG was highlighting the risks to privacy in a mobile credential context. The first phase was scoping and now the efforts are focused on the development of the requirements.

Evidence of empowering people to make risk decisions: PEMC is developing a mobile credential privacy trust mark to benefit both individuals and organization in the ecosystem to convey trust framework during mobile credential transactions.

Context of location doesn’t inherently reflect the nature of the transaction or the data use. Additional requirements (UI, trust marks, organization policy, etc.) are needed to develop trust the mobile credential ecosystem.

 

Group raised questions about third nano-vision, recommend a clarification of nano-vision. From an organizational perspective the depth of experience does not necessarily impact simplification of the assurance.

 

Group raised the fact that there are multiple links to establish assurance in a transaction. For in-person presentations the binding is well solved by current methods. Additionally, there are other missing links in addition to the human-to-digital binding in online transactions.

 

 

 

 

1.4 Selected Data Release (Providers)

All

Remains under review.

AAMVA is having an on-going discussion with solution providers regarding selective data release. Considerations for the choice is unintended release of information, user friction.

Sensible to consider a blanket yes/no if provider can verify the minimum requested information is requested.

Tom: Providers should be given results and not a list of instructions.

Loffie: Very important to have a level of trust in the relying party when data is requested.

@John to add a note to description on trust mark exception. Modification of the statement is necessary to build an exception

 

 

 

 

 

Start Section 2 Review

All

John presented a first draft of the framing context for Section 2. Put to the group for comment

 

 

 

14:57

 

Adjourn

 

 

 

Next meeting

Apr 10, 2024

Action items