2024-11-06 Meeting notes

Date

Nov 6, 2024

Attendees

See the Participant roster

Voting (3 of 6 required for quorum)

Participant

Attending

Participant

Attending

1

Chaudhury, Atef

 

2

Jones, Thomas

Yes

3

Krishnaraj, Venkat

 

4

Thoma, Andreas

Yes

5

Wunderlich, John

Yes

6

Williams, Christopher

Yes

Non-Voting

Participant

Attending

Participant

Attending

1

Auld, Lorrayne

 

2

Aronson Mark

 

3

Balfanz, Dirk

 

4

Brudnicki, David

 

5

D'Agostino, Salvatore

Yes

6

Davis, Peter

 

7

Dowtin, Jazzmine

 

8

Dutta, Tim

 

9

Flanagan, Heather

 

10

Fleenor, Judith

 

11

Glasscock, Amy

 

12

Graaf, Irene

 

13

Gropper, Adrian

 

14

Hodges, Gail

 

15

Hughes, Andrew

 

16

Jordaan, Loffie

 

17

LeVasseur, Lisa

 

18

Lopez, Cristina Timon

 

19

McBride, Adam

Yes

20

Pasquale, Jim

 

21

Snell, Oliver

 

22

Stowell, Therese

 

23

Sutor, Hannah

 

24

Tamanini, Greg

 

25

Vachino, Maria

 

26

Whysel, Noreen

 

Goals

  • Review process for requirement creation and review

Discussion items (AKA Agenda)

Item

Who

Notes

Item

Who

Notes

  • Start the meeting.

  • Call to order

  • Approve minutes

  • Approve agenda

@John Wunderlich

Called to order: 14:05

Quorum reached: Yes

Minutes to approve: Approved

https://kantara.atlassian.net/wiki/spaces/PEMCP/pages/683278337

Open Tasks Review

All

Link to Recommendations (Commenter Link): Recommendations for Privacy Enhancing Mobile Credentials

Comment Dispostion

@John Wunderlich

Discussion

1 Comment has been received and has been addressed.

Loffie notes that the draft has been circulated to ISO SC 17/WG 10 so more comments may be forthcoming

Tom has a wording comment that will be added for comment dispostion.

 

Brainstorm

All

Comment Period for report ends in two weeks. If all goes well, will be published in December.

Brainstorm what to do next. Possibilities include:

  1. Update the implementor’s report to reflect the published recommendations

  2. Working with Kantara to train third parties to ‘certify’ vendors against PEMC

  3. Start working on Version 2 of the PEMC to include online transactions

  4. Discuss the Credential Exchange Protocol from FIDO. Is this in the scope of the PEMC?

  5. Other ideas?

Discussion:

  • Updating the Implementor’s Guidance Report

    • @John Wunderlich will initiate this work and report back next meeting

  • Following the Implementor’s Guidance Report should be a guidance document for assessors, which is somewhat dependent on the updated Implementor’s guidance report.

    • What documents should be normally expected to be provided to an assessor? @Andreas will talk to his team, and possibly with @Atef Chaudhury to determin what documentation would their compliance teams would expect to provide for conformance purposes

  • We should plan to start work on updating and extending the PEMC requirements to completely online use cases in the new year.

 

Adjourn

Next meeting in two weeks

Next meeting

Nov 20, 2024

Action items

@John Wunderlich to coordinate comment dispostion