Page tree
Skip to end of metadata
Go to start of metadata

Kantara Initiative Identity Assurance WG Teleconference

 

Minutes approved 2014-10-09

 

Date and Time

Agenda

  1. Administration:
    1. Roll Call
    2. Agenda Confirmation
    3. Minutes approval: DRAFT IAWG Meeting Minutes 2014-09-25 
    4. Staff reports and updates
    5. LC reports and updates
    6. Call for Tweet-worthy items to feed (@KantaraNews or #kantara)
  2. Discussion
    1.  US Profile of SAC - Discussion of Approach
    2. Invitation letter to potential Service Component providers
  3. AOB
    1.  
  4. Adjourn

 Attendees

Link to IAWG Roster

As of 2014-09-29, quorum is 7 of 13. 

 

Meeting achieved quorum

 

 

Voting

  • Rich Furr ( C)
  • Paul Calatayud (V-C)
  • Andrew Hughes (S)
  • Ken Dagg
  • Scott Shorter
  • Bill Braithwaite
  • Adam Madlin
  • Cathy Tilton

Non-Voting

  •  Colin Wallis

Staff

  •  Joni Brennan

Regrets

  • None

Notes & Minutes

Administration 

Minutes Approval

DRAFT IAWG Meeting Minutes 2014-09-25

Motion to approve minutes of 2014-10-02: Braithwaite
Seconded: Dagg
Discussion: None
Motion Carried 

Staff Updates

  • Newsletter will publish this week: IoT event; Access Control; other recent events
  • Upcoming: 
    • IRM Summit, Dublin - IoT and Access Control sessions planned November 3 2014
    • Panel at CA World November
    • Panel at Privacy Identity Innovation, Palo Alto November
  • LC continues to conduct a reorganization/vision activity
    • Creating themes, mergers, groupings of the WGs
      • "Connected Life" theme
      • "Trust Services" theme
    • Will make a recommendation to the Board of Trustees
  • Submitting RSA proposals - closes today 

Discussion

  • Andrew walked through the approach from the mapping spreadsheets
  • Andrew asked how CSPs and Assessors actually do this:
    • CSP looks at the Kantara SAC for conformity
    • Assessor does the same
    • Not using 800-63-2
  • Cannot conform to FICAM simply using simply the IAF core criteria. Must do IAF plus FICAM Profile. Because IAF is intended to be broader than FICAM/800-63
  • Challenge is that TFPAP v2 specifies details that are not as restrictive in the SAC
  • Comment: could deal with this by a) working with FICAM to adjust the TFPAP; b) writing a US profile; c) work with NIST to rework 800-63-2 - make a submission to NIST to recommend how it should look.
  • Comment: 800-63-2 itself, refresh might be pushed to industry
    • There is a sense that 800-63-2 has become too technically specific that it stifles innovation
  • Comment: these options face the US Federal market, not the commercial market
  • Comment: The Board of Trustees supports taking the IAF towards a core plus profiles
  • Comment: Deal with the US Profile update now; Determine how big the problem is; then IAWG to figure out a resource plan to fix
  • Andrew to write some problem statements and send to list
  • Andrew to draft a proposal for IAWG discussion on the analysis work that would be required to scope the overall problem

 

Next Meeting