P3WG Meeting Minutes 2010-12-02
These are draft minutes and have not yet been approved.}
1.     Roll call
Attendees:
Trent Adams
Jeff Stollman
Mark Lizar
Myisha Frazier-McElveen
Peter Capek
Lindy Siegert
Tom Smeddinghoff
Colin Soutar
Jay Unger
Colin Wallis
Susan landau
Apologies:
Chrisine Runnegar
Anna Slomovic
Staff:
Anna Ticktin
Joni Brennan
a.      Quorum achieved
2.     Agenda review/prioritization
3.     Next P3 meeting schedule
a.      P3wg 16 DEC
b.     P3wg 23 DEC
c.      P3wg 06 JAN
4.     Discussion of chat options
a.      Skype
b.     IRC (Mark) - we have a back channel chat room that we are now using and testing.. these are the details.
           i.     http://chat.mbbit.com Â
           ii.     Channel: #p3wg
           iii.     Publish access procedures in the minutes and send in email to entire group
             iv.     Doesn’t appear to support file transfer? (this isnt an issue as we can post links to files)
c.      Gmail (Peter)
5.     Privacy Framework work plan development
a.      Subcommittee status reports
     i.     Research
1.      Status
a.      Currently just collecting documents and putting them and master spreadsheet on wiki
b.     Review better wiki options
c.      On 6 JAN we’ll delegate review of documents collected among entire group
2.      Other organizations
3.      Identify existing Privacy Framework and Service Assessment Criteria documents
4.      Review existing Privacy Framework and Service Assessment Criteria documents
5.      Document existing Privacy Framework and Service Assessment Criteria documents
6.      Recommendations
7.      Next meeting
            ii.     Definitions
6.     Develop recommendation for scope to be included in Privacy Framework
1.      Scope
a.      Ipseity is your carbon form.
b.     Everything else is an Attribute.
    i.     Need to develop taxonomy of attributesÂ
      ii.     One vector of taxonomy is level of harm associated with individual attributes over 100-year period
2.      Service Assessment Criteria
a.      Use Levels of Protection based on certifiable outcomes
  i.     E.g., technology that ensures protection would be higher level than mere policy and human processes that target protection
1.      Recognize that robust technology today may become vulnerable in the future
3.      Next meeting
a.      Week of 13 DEC in Herndon
4.      Not covered
a.      Current thoughts on scope/road map
b.     Recommendations
               i.     Functional scope (Notice, Policies, Practices, User Controls, Mgt Controls, Security Controls)
        ii.     Roles involved (S, IdP, RP, AP)
         iii.     What is in PF, what is in profile?
        iv.     What are the levels we propose?
         v.     Priority
b.     Issues discussion (based on subcommittee status reports
     i.     Colin S had question he will submit to the List regarding jurisdictions
- 2.     Agenda review/prioritization
Adjourned.
Next Telecon: Thursday 9 December 08:00 PT / 11:00 ET / 17:00 CET