2014-02-03 eGov Meeting Minutes

Date and Time

Date: 3. Feb 2014

Time: 11:00 PDT | 14:00 EDT | 20:00 CET | 08:00 NZ(+1)

Roll Call


  • Rainer Hörbe
  • Keith Uber
  • Denny Prvu
  • Bob Sunday
  • Colin Wallis
  • Thomas Gundel
  • Ken Dagg, as Individual member



Quorate call 




Approval of Dec 2013 Minutes: Thomas approved, Denny seconded


Voting for Leadership of Working Group 

Invited others to volunteer for roles.

Proposal to remain as before:

Rainer - Chairman

Colin  - Vice

Keith - Secretary

Re-voted for the same leadership - No objections.


2. OASIS IDCloud 'Gap Analysis' Committee Note

IDCloud is a Technical Committee in OASIS
Very wide scope.
20 or so general identity-related use cases have been identified and documented
Version 1 of the document has been approved
The gap analysis document is a working draft and up for review
Rainer believes there is scope for input from the eGov WG.
SAML is mentioned on a very general level as a framework.
Only STORK is mentioned as one profile of SAML.
OpenID Connect OAuth is mentioned in great detail, proportionally out of balance to SAML.
Rainer proposes that the eGov group comments on this lack of balance.

Which should be mentioned? OIO SAML, NZSAMS, FICAM, SAML2int, eGov 2.0

AP: Please review the comments on the "Identity in the Cloud Gap Analysis Version 1.0" Public Review Draft 02, and make any comments before the next call.


3. Charter changes

The new charter should have been approved at last week's LC meeting. Due to events and travel, no LC was held. An off-cycle call will be held on Wednesday and approval is expected if the call is quorate.

4. Country reports

DK: (Thomas) 5 or 6 major federations within different domains - a strategy process to look at these
and check for cross-compatibility, inter-federation scenarios, common trust frameworks - common governance across the
Different sectors have different federations due to historical reasons.
More and more instances of users needing to cross the federation boundaries are becoming a challenge.
Mapping issues are present due to the different identifiers in each system.
Identity requirements
Until now it has been a case-by-case solution
Keith said that Finland has done a 'lowest common denominator' format

AP Keith - Keith to send to the list - common domain cookie implementation information

AT: (Rainer) Rainer has been working on a privacy enhanced federation module for well over a year, and it is now finalised. He is working on a proof of concept implementation.
Requested time to present for the March or April meeting
Key concepts: pseudonymity for the users so there is no link between the SPs and between the IDPs. The IDP does not know which SP the user.

It is based on end to end encryption between the SP and IDP.

Only with a small change to the eGov profile.
Hub and spoke model - the hub is called the service broker.

Q. Is there a central repository?

A. Yes, the hub is mapping the identifiers.

An academic paper has been submitted to a security conference.
Not just mapping of identifiers, but using a real pseudonym at the SP - for email the service broker and the SP will have message forwarding.
Payment services can be pseudonymous.
Idea is to find as many services as possible that minimise their data
Like loyalty cards - why do they need a name? Is a buying pattern enough?
Rainer will present for the next meeting.


Sue Kemp will take over as official rep on the eGov working group for Canadian government identity services.
eGov breakfast at RSA - Marriott Bar and Grill, opposite Moscone Center - Sal and Allan will run it this year - Thank you! (from Colin)

If you are presenting somewhere, please give a note on the Event Radar

Next Meeting  

Date and Time

Date: 3. Mar 2014

Time: 11:00 PDT | 14:00 EDT | 20:00 CET | 06:00 NZ(+1)


