2017-09-13 Draft Meeting Notes


Attendees

Adam Madlin, Symantec

Ann West, Incommon

Matt King, SAFE BioPharma

Nandini Diamond, FICAM GSA

Ken Dagg, KI IAWG Chair

Tom Barton, Incommon

Ruth Puente, KI

Colin Wallis, KI

Boris Kronrod, Athenahealth 

Scott Perry, Scott S. Perry CPA, PLLC 

Scott Shorter, KUMA


SAFE BioPharma Update

  • New cross-certified PKI Trans Sped, they are a qualified Certificate Provider that issue certificates in Europe for BioPharma and Healthcare companies. Also SAFE BioPharma has certified the Adobe cloud products, adobe sign, acrobat and reader. 
  • In the process of mapping 800-63-3 to their criteria to analyze the potential gaps. It was asked to FICAM if there is an indication of timeline for FICAM updated documents to align with 800-63-3.

Incommon Update 

  • Baseline expectation implementation in the Incommon federation, promotion of trust worthiness across federation. 
  • Ann West commented that in the Education space there are national and international content providers, represented in STM, an industry group to move towards SAML access and away from IPV access. Pharmaceutical companies are interested in having a SAML based federation and they are talking to the research and education area.  She believes that SAFE BioPharma  may be interested in this work.

Kantara Initiative Inc Update

  • In the process of pulling the requirements from 800-63-3 to generate SAC to assess their CSPs. 

FICAM Update

Nandini answered the questions that Incommon and Kantara have raised in the previous Sync in relation FICAM Draft Certification and Renewal Document Table of Contents.docx:

  • Incommon and business case (Item 4.3.). She confirmed that Incommon does not have the classic TFP model,as they are federating, so it is the exception of the TFP Solutions. She said that FICAM would  work with Incommon so they can maintain the trust they have established without extra burden.
  • 4.4.3 Credential Service Provider Assessment Methodology. She commented that the new realignment of the Trust Framework Solutions is that there is more responsibility on the TFPs and takes it to a more robust level. In order to be compliant with 800-63-3 more demonstration has to be done in the different levels. She clarified that FICAM is drafting a Credential policy to add structure and  would provide a high level guidance of what they want to see as assessment methodology.Â