DRAFT 2016-10-19 Meeting Notes

Date

2016-10-19

Attendees

 

Andi Hindle

andrew at hindleconsulting.com

Andrew Hughes

andrewhughes3000 at gmail.com

Catherine Schulten

catherine.schulten at lifemedid.com

Chris Adriaensen

chris.adriaensen at forgerock.com

Colin Wallis

colin at kantarainitiative.org

Dave Coxe

dcoxe at iddataweb.com

David Treece

dtreece at costco.com

Gustavo J Gallardo

ggallard at identicum.com

Giles Watkin

giles at pridium.com

Ian Glazer

iglazer at salesforce.com

jim willeke

jim at willeke.com

Kenneth Dagg

kendaggtbs at gmail.com

Mehmet Yaliman

mehmetyaliman at gmail.com

Naohiro Fujie

naohiro.fujie at eidentity.jp

Paul Heaney

pheaney at proofid.co.uk

Sarah Squire

sarah at engageidentity.com

Scott Shorter

scott.shorter at kuma.pro

Steve “Hutch” Hutchinson

sehutchinson at gmail.com

Stuart Lincoln

stu at stulincoln.com

Agenda

  • Administrative Business
  • ID Pro Timeline reminder
  • Survey Results Overview
  • Open Discussion of Survey Results

Discussion Items

  • Administrative
    • Note that once there is an elected secretary for the DG, we will stop recording the DG calls and rely on meeting notes
    • Nominations period still open until 5pm Eastern today
  • Timeline
    • 18 weeks to go until RSA and goal of announcement
  • Survey results review
    • Ian gives a high level overview of the survey methodology
    • Presented brief outline of Q1-4 and the essence of the response & pie chart breakdown

Discussion of survey results

    • Question 2: Vision statement
      • "Value" - many interpret this as only 'commercial' - perhaps use the term "utility" or similar instead.
        • Need to test if 'utility' translates well into other languages
      • "Digital" services - is it redundant? or should this be for all types of services?
        • General comments - strike 'digital' from 'services' but leave "digital identities" alone
      • "High Value" - might be self-limiting. Who decides the value level?
        • Suggestion to use a different kind of metric "trusted identities" or "low-risk" identities - to allow for differentiation considerations
      • Note that the value statement is about the 'future state of digital identity' - should be about the future association
        • ACTION: Andrew Hughes to post a revised vision statement to the mailing list
    • Question 3: Mission statement
      • The statement is a better statement of 'organization' focus rather than 'industry' descriptive
      • The statement is a reasonable encapsulation of the "why" of the organization
      • Consider using "confidence" instead of "trust" to avoid a term that is hard to measure
        • Relatively balanced opinion on the chat between "trust" and "confidence"
          • "Confidence is typically associated with ID proofing while trust tends to aggregate several processes."
          • "i suggest "trusted identity" should be a thing, confidence is a metric in how well the identity might be performing."
          • "to me trust implies yes/no (100% or not) while confidence implies a level (possibly 95%)"
          • "Now that I think about it, trust is usually used to refer to a relationship. Assurance, maybe?"
            • "I think assurance is even more overloaded. Especially if you bring in the 'high-assurance' identity crowd.... which we will...."
      • "Digital Services" - maybe say "services enabled by digital identity"
        • Or "delivery of services" not just "services"
        • Or "services and products that are enabled by digital identity"
        • Need to consider generation of 'identity information' as well
      • Enumerated list issue again: this could cause a limitation and constraint on our scope
        • We will need a living definition of "digital identity"
          • "maybe we need a living definition of 'digital identity'; maybe this is an output from the group, and helps to educate both the profession and our adjacent/relying industries about what this is."
      • Q: what's the audience for the Mission Statement? ourselves? 
        • The Mission should be of the Organization to ourselves as direct constituents - "I recognize myself in the statement - I'm one of those"
      • Q: Are we deliberately leaning to "access management" vs IAM?
        • A: No, and this is an issue with the enumerated list approach
      • If we say that the Organization "defines" the Profession, does this mean that we prescribe it or should the org be reactive to what's already going on
        • Q: "Do we assume that the Profession the same thing as the Organization?"
        • Depends on who the audience is 
        • "Define" is problematic - because there will always be practitioners/professionals that are not part of the Organization
          • Will probably have to refine this relative to future Certifications offered
    • Suggested Mission for discussion on list: "To advance the practice and profession of digital identity to enhance the delivery of services and products enabled by identity"

 

Next meeting

Wednesday October 26, 2016 at 12:00 noon Eastern Daylight Time (UTC -4h)

*** NOTE: US Daylight Saving Time ENDS November 6 2016 - for other regions, the meeting time will appear to shift on your calendars - please make the adjustment as needed

Action Items

  • Former user (Deleted) Start threads on the mail list for each Question
  • All: look into how other professional associations define their mission and feed back into the list
  • Former user (Deleted) Propose a reworked Vision statement that is for the Organization (not the industry) at a time horizon of ~7 years
  •  
  •