P3-PFSG Meeting Notes - 2010-12-08
Attendees:
Jeff Stollman
Jay Unger
Lindy Siegert
Mark Lizar
Anna Slomovic
Tom Smedinghoff
Peter Capek
Apologies:
Trent Adams
Staff:
Joni Brennan
Anna Ticktin
Meeting Notes:
1. Administrative actions
Roll call
PF-SG Meeting Schedule
- P3WG 16 DEC
- PF-SG 23 DEC
- P3WG 30 DEC - canceled
- PF-SG 06 JAN
2. Privacy Framework
Subcommittee status reports:
- Research (Identify sources of existing work, assess their value to us, leverage what we can)
- Goal of this research: capture and summarize documents
- What Trust Frameworks are people actually working on? Jeff has circulated a matrix for the SubGroup's review.
- RPs are the next evolution of the IAF. The Privacy Framework should include RPs in it's work, even if it's ahead of the IAF game.
Kantara / OIX overview---Joni
- Both Orgs are US Govt Trust Framework Providers (OIX certifies at LOA1 on a self-assert model; Kantara certifies at LOA 1,2,3 non-crypto)
- Kantara uses IAF (Policy), US Federal Privacy Profile (Privacy) and SAML deployment (Technology)
- OIX is subcontracted by Kantara to provide the obligatory Listing Service, while Kantara focusses on certifications at LOA1,2,3
- OIX also focusses on Higher Ed, while Kantara focusses on the rest of the industry
- Mark suggests the discovery team collect a list of frameworks broken out by privacy vs trust frameworks
- Jay begs the question of how we should organize the information that is being collected, as we have an "organization" bucket, "framework" bucket and a "documents" bucket.
- ACTION ITEM 20101209-01 Anna + Mark--- to redesign the current Privacy Organization chart to be more Frameworks/docs driven.