LC telecon 2012-10-17 - Strategy Call

LC telecon 2012-10-17

Date and Time

  • Date: Wednesday, 17 October 2012
  • Time: 13:00 PT | 16:00 ET | 20:00 UTC (time chart)
  • Call-in toll-free number: 1-866-203-0920
  • Call-in number: 1-206-445-0056
    • Conference Code: 5423695925#
  • International Dial-In Numbers

Agenda

  1. Roll Call
  2. Discussion
    1. Next steps for Kantara members wrt Europe’s eID/Electronic Trust Regulation
    2. Kantara member panel topics for RSA (Feb 2013) and EIC (May 2013)
    3. Non-Person Entities - Device, Organisation and Software.  Implications of new ID standards and the need for certification/assurance against them.
    4. Geo-authentication and trusted location services - UPRN (Unique Property Reference No) and LEI (Legal Entity Identifier).  LEI is mandated by the G20 for the finance sector.
  3. AOB
  4. Adjourn

Attendees

  • Myisha Frazier-McElveen
  • Tom Smedinghoff
  • Colin Soutar
  • John Bradley

Staff

  • Heather Flanagan (scribe)
  • Joni Brennan

Apologies

  • Pete Palmer
  • Rainer Hoerbe

Notes

Next steps for Kantara members wrt Europe’s eID/Electronic Trust Regulation

Mark King gave a good talk at yesterday's eGov meeting about this topic. It might be interesting for stakeholders organized in Kantara to voice an opinion at the European Commission. A short and incomplete summary of Mark' talk is:
For some countries, in particular UK/US, there are 2 key problems:
- No provision if a country will not provide for a citizen register providing a unique identifier
- The goal of legal certainty is not useful for Common Law countries

Other issues should apply to other Member States as well:
- Lack of an open, transparent process with participation of experts before the consultation on the draft regulation;
- Clarification of liability limits and circumstances - the current draft does neither limit not scope liability;
- Impact of interop requirements on existing infrastructure;
  • Patrick can be the champion to take this forward; add to next LC call for review

  • Hold to next call

Kantara member panel topics for RSA (Feb 2013) and EIC (May 2013)

  • EIC: international standardization panel idea is good; thinking similar to the panel that Nat put together at the Cloud Identity Summit
    • Look at CIS 2012 for a list of names; Colin for something pan-pacific, Ken Dagg for a North American perspective alternative from Jeremy Grant; Chris Ferguson or David Reny from the UK = comparison of national identity, commercial and public, compared from pan-pacific, us, uk, and canada; Leif for a Nordic approach
    • Patrick to suggest a few more names
    • HF to get a thread together and start coordination activities
    • Bring EIC back to the next Strategy call
  • (Colin) are you looking for two separate topics, or the same topic at both? (Joni) either would work, need to see the coordination activities to start; is looking for topics to start
  • the call for Peer2Peer talks at RSA came out today; this would be a smaller side session; these would be openspace style, with no deadlines, though there may be an alternate openspace style with a moderator - more research required
  • attributes and certification of attributes could be some good topics; Kantara as a trust framework that has an established criteria for information exchange could be a great start to a discussion
  • AI: ask Kalia what, if anything, she'll be doing at RSA
  • AI: Joni to reach out to Laurent and Don about doing something together at RSA, coordinating agendas

Non-Person Entities - Device, Organisation and Software.  Implications of new ID standards and the need for certification/assurance against them.

  • Hold until the interested parties are available to talk

Geo-authentication and trusted location services - UPRN (Unique Property Reference No) and LEI (Legal Entity Identifier).  LEI is mandated by the G20 for the finance sector.

  • Hold until the interested parties are available to talk

A discussion about sustainment and moving trust frameworks forward

  • the sustainment of the IAF - create the links between the various groups, identify tracks and additional areas (compliance, certification of attributes, relying parties, etc) the tying it all together component is missing
  • this call should be the venue to move forward what we had called the Trust Framework subcommittee
  • What can we do between now and the F2F to understand our goals to have productive discussions at the F2F? 
  • One example is the glossary - if that is going to go across all IAF docs, that should also have the P3WG involved
  • we have said that the IAF is just one piece of the big picture, but we haven't actually drawn out the big picture yet
  • let's look at the mission statement that was approved, and how we can move on that
  • in the next two weeks, let's collectively develop questions that would inform how we fill out our Big Picture
    • the value prop paper, the mission statement, and the picture need to be distributed to be our guide to creating those questions