2013-08-05 eGov Meeting Notes
1. Administrative section
Date and Time
Date: 5. Aug 2013
Time:Â 11:00 PDT | 14:00 EDT | 20:00 CET | 06:00 NZ(+1)
Role Call
Colin Wallis, Gov of NZ
Keith Uber, Ubisecure Solutions, Finland
Thomas Gundel, IT Crew, Denmark
Sal D'Agostino, IDMachines, USA
Apologies
2. Agenda
Ken is not on the call - relevant agenda items will be handled on the next call.
Colin added information about the ucentricid.com conference in DC in October, and a recent NSTIC blog on architectural patterns that support the various functions/processes in federated identity, to be discussed at end of call
2.1. Colin to report on draft a clause on the SC27 WG5 Identity Federation clause in 24760-3
The draft is in progress
Participant keen to add technical controls for attack sin the areas of requesting authenticated entity, authentication, authorizing release of attributes etc which may not fit in this particular clause (Identity Federation) but valuable to include somewhere in the standard.Â
Colin has added the initial draft for the sub clause entitled 'interoperability between federations', for comment.
Editors have asked Kantara to take just this Identity Federation clause and work on the practical aspects of it. It is to be submitted by the end of August 2013. It is being worked on in a closed list of members who expressed an interest to participate within Kantara. The editors will then do a total review and put out a proposed next working draft based on these comments and others. ISO will then review it at the next meeting in Korea in October.
2.2. Government of Canada’s Guideline on Identity Assurance
Ken Dagg had earlier presented Government of Canada paper, shared on the list. Sent 13.5.2013 title "Guideline on Identity Assurance Consultation Draft Apr 25 2013.pdf". Ken asked for more comments in the Identity Assurance guidelines. Ken is not on today's call.
Short discussion about how equivalent documents don't exist in some jurisdictions - due to either centralised non-competitive models, or lack of ownership/split of responsibility across government departments. Postponed to September call.
2.3 Recent event reports from attendees (eGov aspect)
IETF 87 Berlin - No participants present
Cloud Identity Summit CA - No participants present
NSTIC IDESG Plenary at MIT (July 24-26, 2013) - Sal:
- a report was out on business sustainment models,
- more pilots underway
- report out on the previous pilots
- feeling of the need to encourage more interaction between working groups
- Attendance seemed low - 75-100 in the room - 30 remote? Held right after CIS in Napa Valley. Earlier plenaries had 200 or more.
- Slow moving, definitely a difficult management task - big Identity providers are still lacking
- latest documents http://www.idecosystem.org/filedepot
DefCon
- Interesting given the recent PRISM news
Multinational Alliance for Collaborative Cyber Situational Awareness (MACCSA)
- information sharing network for real-time exchange of cyber-attack data
- Held at Schiphol 25 July 2013 - approx 21 nations represented by a mix of gov, mil, or business
- eGov working group to invite Patrick Curry to report on the current status
- http://www.federatedbusiness.org/mne7
2.4 Upcoming events
http://www.ucentricid.com/
Recently Confirmed - Kantara will participate in the UserCentric ID Live event and is part of the expert advisory committee as well. If your organization would like to take part please contact Joni for more details.  Event organised by publisher in cooperation with the Smart Card Alliance.
2.5 Summary on Kantara activities in the July Director's corner
Discussed NSTIC resilent network - There was a presentation of their pilot at the plenary.
This led to NSTIC discussion
Discussed NSTIC blog post
 http://nstic.blogs.govdelivery.com/2013/08/02/nstic-pilot-common-considerations-5-an-identity-ecosystem-functional-model-for-the-modern-market-2/
From blog: "Such an architectural capability has been recognized by Trust Framework Providers such as Kantara Initiative, although it has not yet been incorporated into their certification scheme."
Colin: IAWG is working on it. It's the second item on their current roadmap.
2.6. Updates on national projects
Denmark: Many new services going live on 26 August 2013, including Power of Attorney service. Thomas invited to present on the next call.
Finland: National ID (Population register) inviting different players to present possible future models for eID infra, both PKI and post-PKI
NZ- Launch of RealMe (officially) last week, link already sent to list. Colin could give another presentation on the architectural pieces that make up the overall service
Next Meeting
Topics (one or more of the following)
Patrick Curry - MACCSA (Multinational Alliance for Collaborative Cyber Situational Awareness) presentation
Thomas Gundel - Danish Power of Attorney services
Colin Wallis - RealMe architecture
Date and Time
Date: 2. Sept 2013
Time:Â 11:00 PDT | 14:00 EDT | 20:00 CET | 06:00 NZ(+1)
-------------------------------------------------------Â
To join the teleconferenceÂ
-------------------------------------------------------Â
DIALÂ INÂ INFORMATION:Â
Skype:Â +99 051Â 000Â 000Â 481Â
Conference Id:Â 613-2898Â
USÂ Dial-In:Â +1-805-309-2350Â Â
http://kantara.atlassian.net/wiki/display/GI/Telco+Bridge+InfoÂ
Â
Â