Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 21 Next »

Attendees:

Voting Participants: Mark King, Mark Hapner, Richard Wilsher, Ken Dagg, Martin Smith

Non-voting participants: Tim Reiniger, Roger Quint, Pete Palmer, Eric Thompson 

Staff: Colin Wallis, Ruth Puente

Quorum: 3 out of 5. There was quorum.


Agenda


1.Administration:
a.Roll Call
b.Agenda Confirmation
c.Minutes Approval 2021-03-25 DRAFT Minutes

2. Discussion

a. Review NISTIR 8344 (Ontology for Authentication) 

b. Review criteria related to component service consumers.  
c. NIST open discussion issues in light of SP 800-63 rev.4.

3. Any Other Business


Minutes Approval

2021-03-25 Minutes were approved by motion. Moved: Mark King. Seconded: Mark Hapner. Unanimous approval. 


Review NISTIR 8344 (Ontology for Authentication) 

  • IAWG comments are being gathered in this GDoC: https://docs.google.com/document/d/1jswnFEpl1kvNmUAYBFa3MMjNXBam2BkYhE3FqbANOKQ/edit?usp=sharing
  • Ken pointed out that extensions of the definitions will be suggested and there will be a clarification request on the purpose of the document. Ken added that there were missing some key terms in the definitions, such as trust  framework and federation and explain the relationship between the two. Furthermore, it will be suggested to add definitions on trust, risk, object, entity. 
  • Mark K. suggested to add a reference of an existing document/standard, such as ISO.  
  • Colin provided a reference to ISO 29115 for "trust framework" definition: "set of requirements and enforcement mechanisms for parties exchanging identity information". Also, he provided a definition of "federation agreement" from an ISO search tool "identity federation agreement between two or more domains (3.2.3) specifying how identity information (3.2.4) will be exchanged and managed for cross-domain identification (3.2.1) purposes".
  • Mark K. pointed out that a request of clarification on digital signatures should be added, based on the statement of Line 625: "Two major forms of digital signatures are DSA and PKI", so he suggested to request clarification on this. 
  • Ken will add a definition of authentication from IS29115. 
  • Mark K. said that he found the diagram confusing. 
  • It will be suggested a circular glossary that provides the relationship between the terms. 
  • Ken will revise the comments and provide a final draft for next week. 

Others

  • Richard commented that NIST wants to convert 63A/B/C rev4. into an international standard.


NIST open discussion issues in light of SP 800-63 rev.4

  • No labels