2016-01-05 Meeting Notes

Date

January 5th, 2016

Attendees

Goals

  • IRM in the Wild Discussion & Examples - Working Through the Principles

Discussion Items

TimeItemWhoNotes
2 minsKantara IPRSal
2 minsRoll CallSal
  • Roll, new intros, announcements
4 minsMinutes/Notes UpdateSal
5 minsPrinciplesSal
  • Discussion of Principles 1.1
40 minsIRM in the WildAll
  • Discussion of IRM in the wild - Consolidating the Use Cases
1 minOther AdminAll
  • Other Administrative, Action Item Review (not covered above) 
1 minAoBAll
  • AoB TBD...

Action Items

  •  

 

Submitted by Former user (Deleted):

Submitted by Thorsten Niebuhr (Unlicensed):

Here is the link on Entity Relationship Management / Semantics. Whitepaper is only available as german version right now, translation is planned to be done by end of next week

http://www.wedacon.net/entity-relationship-management

 

High-level Topics Covered

  • Role call
  • IRP Update
  • Principles Update - v.1.1
  • IRM in the Wild
  • Worked through DNS as IRM Use Case

Detailed Meeting Notes

IPR Policy

  • Kantara looking at Contribution approach that OpenID is using - having one IPR policy across all the groups - taking up at the board level

Roll & New Intros

  • Thornsten brief intro
  • Going to see what notes from last calls

Ian is out - but will be running through the principles again shortly - possibly use what comes out of the NIST workshop next week - going to want 3-4 people to have working group to go through the v.1.1 of the principles - will be asking for volunteers soon

Asking who is going to - NIST Workshop & PrivacyCon links being sent by Steve - will be sent to group and put in minutes [Included Below in Links]

Scott - will be at NIST workshop - Thursday - Identity Assurance group will be meeting with FICAM for a workshop - agenda up in the air - intended to be for Identity Assurance, Assessors, and CSPs to meet - link for this event to be sent as well

Idea is to draft 1.1 version of principles - confirm or deny if IRM is a "thing" or not - or should it be under "ABAC" for example

Way to determine is to document use cases and measure against principles we have so far - represent in a matrix

[ Reference: Matrix of IRM in the Wild]

Last call - spreadsheet development - talked about migration - questionable and went through principles and applicability - trying to answer - is there a unique case of IRM being done?

Does anyone have anything to throw out for a use case?

Scott - is IRM a separate thing which deserves paying attention to? - Yes absolutely - going on since IT and the internet - relationships which must be managed - other ways to maintain identity space

Sal - Ian & Sal is skeptical if they have an example of IRM - show a case of it and tell me why it is relationship management?

Scott giving example of Domain Space

Sal - you believe that is a case of IRM which exists - take DNS as a use case then? Go through the principles and it would work?

Scott - it would apply to a lot of the attributes

Kim - does it have to meet all principles?

Sal - there will be examples which it meets some but not fully; To define use cases it is okay to look for fully applicable; At this point;

Kim - at some point after looking at use cases we would then have to determine what doesn't make it IRM

Sal - yes exactly what we are trying to accomplish

Scott - probably not going to be black & white as to when it is or isn't - going to meet a few of the principles

Sal - we are working through the principles at the same time so it will be "push and pull" in different directions

Scott - DNS - and IP address to a Domain Name - registrant has to provide details about themselves, etc.

Working through DNS in IRM-in-the-Wild-Dashboard spreadsheet - (See Notes There)

  • Worked through each principle and decided whether or not it applied
  • Discussion around "immutable" - definitely applies - serves the purpose of immutability
  • Adrian - talking about the replacements to DNS with various architectures (e.g., Block Chain, etc.) - something we are doing could inform that process - that would be interesting
    • Scott in agreement
    • Google OneName, and NameCoin for more information on Block Chain
  • Adrian came up with another piece to this space - configuration management - thinking about scaling of identity - "promise theory" - eye opening way of looking at IRM - people out there looking at configuration of large-scale systems and the scalability of them - so for example when they see DNS - they cringe - it is brittle, not scalable, too centralized
  • Sal - some there is registration and some there is use - need distributed autonomous things - completely agree - Promise Theory gives us a nice set to compare against our principles
  • Scott - Provable would be a difference between DNS and Block Chain
  • Sal - likes going through this and gathering related things - should we go through Block Chain and Distributed Hashes?
  • Scott - interesting on Immutable - IP addresses which are mutable - ID of the individual which registered the records is not supposed to be mutable - both sides (immutable & mutable) show up
  • Sal - challenging because DNS is at a lower level
  • Continue to go through the Principles…
  • Completed going through principles for DNS

Thornsten - entity relationship management and semantic whitepaper - going to send link 

Sal - architectural principles - these may be applicable there - makes a lot of sense - going to put Promise Theory in autonomous for now