P3WG Meeting Minutes 2012-02-09

Attendees:

Tom Smedinghoff
Susan Landau
Nathan Faut
Anna Slomovic
Gilad Rosner
Colin Soutar
Jeff Stollman
Mark Lizar
Hedy Kirkby
Anne Geyer
Colin Wallis
Bill Braithewaite
Aaron Brauer-Rieke

Staff:
Joni Brennan
Anna Ticktin

Minutes:

1. Administrative:

  • Roll Call — quorum achieved
  • Motion for minutes approval: 1 Dec 2011
  • Mark Lizar moves to approve the minutes as captured. Colin suggest removing "Sort of like" language under Section 3 as it dangles. With no further discussion, the minutes are approved.
  • Leadership Announcement / Introduction of New Co-Chairs:
  • Tom Smedinghoff & Colin Soutar
  • Call for Secretary
    (Tabled)

Action item review:

  •     None

2. Update on Privacy Assessment Criteria
     http://kantarainitiative.org/confluence/display/p3wg/Privacy+Assessment+Criteria+%28PAC%29

  • P3 left off looking for additional funding to complete the PAC
  • The group has an initial draft written by Bob Gelman targeting federal perspective initially and then generalizing for our purposes there after.
  • The group then began capturing some early feedback and has collected early comments (some 53 pages to date).
  • It loosely socialized this doc at the October F2F with IAWG and it was deemed to be in too early of a stage to partner directly with IAWG.
  • Once P3 cleans/sweeps the doc, it would then go into IAWG for it's review and commentary.
  • Upon document approval, the criteria would apply to those seeking to submit their credentials to FICAM, or anyone seeking credentials under the Kantara Trust Framework.
  • Question : What does this doc do attempt to do that 800-63  doesn't? 800-63 App. J is applicable only to Gov entities. The PAC is meant to be an addendum to the privacy criteria developed in IAWG. It should sit and work with the IAF stack and provide assessment criteria for Kantara to assess against.
  • Tone/flavor of the document was discussed at length in previous sessions. Question : Does it have aP3 PoV with a normative set of criteria? Or respect the FICAM PoV?
  • There is no law in the states that says you have to protect privacy and this is how you do it.
  • A full-time editor is needed.
  • Ann Geyer volunteers some of her time and resources to assist in the editorial responsibilities.
  • Colin Soutar proposes a scope statement at the top of the PAC document---what is it doing, what is it not doing, what is the ownership and what is its intended projection?
  • Anna advises that Jeremy Grant wants a demonstration of the ecosystem. If P3 wants the PAC to be part of the pilot, we need some Kantara partner to test-drive.
  • P3 has stalled in finding a client to take up the PAC, but NSTIC provides that. Whist a PAC doesn't currently exist, nothing prevents us from suggesting that a PAC should be part of an assessment and be in development within a trust framework.
  • From her place at UC Berkeley, Ann suggests InCommon could be a potential client. Colin Wallis suggest more fertile ground with Edu-gain's privacy principles as well.
  • Joni seconds that this is a great thread and we have solid relationships with InCommon, Internet2 and our friends in higher-ed.

ACTION ITEMs:

  •   Resolve comments to the PAC
  •   Review scope and next steps of PAC
  •   Call for contributions regarding NSTIC
  •   Pursue InCommon/Internet2 alignment

Next Steps:

  • Ann will loop with Bob Gelman one-on-one to get up to speed on the doc and his initial perspective.
  • Colin S. and Colin Wallis have an interest in being part of the conversation around the current and proposed structure of the doc. Together with Ann (and any other interested parties), they will work in adhoc Thursday session, biweekly at the same time and on the same dial-in as P3.
  • This sub-team will focus on an initial sanity check of the PAC as it stands today. This will be inclusive of a scope-check, content/substantive discussion.
  • After looping with Bob, Ann will take a first strike at shaping the doc, and suggests a roadmap at the top as well as intensive review of its introduction.

Adhoc next Thursday 16 Feb 2012:

  • This PAC working session will include a 10-15 minutes NSTIC response discussion
  • Susan advises the PAC doesn't have to be complete in order to respond to NSTIC. We can suggest this as a work in progress and projected end state.

3. Review of Existing Roadmap

        http://kantarainitiative.org/confluence/display/p3wg/ROADMAP
4. AOB

  •     Munich F2F

Adjourned