TFS Monthly Sync - Draft Meeting Notes
Wednesday, May 11, 2016
Ken Crowl, Experian
Scott Shorter, Kimble and Associates.
Peter Alterman, SAFE-BioPharma
Steve Smith, ID.me
Paul Caskey, Incommon
LaChelle LeVan, FICAM
Ruth Puente, KI
Key discussion items:
- The Incommon Working Group that was working on a Federation Interoperability Implementation profile completed the work and after public review and legal internal review it has the approval to go to Kantara.
- Another Working Group has been working on Multifactor Authentication Interoperability Profile, a resulting SAML based authentication context that could be used to cross-federated applications. The Working Group affirmed that they need something better of what they have, and there will be a future work item on what they call stronger multifactor. The final report was released for review and comments. Paul Caskey will send the information to the TFS mailing list.
- Incommon is currently getting feedback on their notion of baseline practices. They have tried to digest their experience into a very concise set of minimal statements that RPs can agree to. There are 4 statements for CSPs, 5 statements for RPs and 5 statements for Federation Operators. They expect to receive more feedback in the Global Summit in Chicago as there is a specific session focused on baseline practices. Paul will send the 3 types of statements to the TFS Sync mailing list as soon as the comment period finishes.
- The IAWG has reviewed its charter and it was re-approved.
- Initial steps towards beyond the US federal privacy profile, how could privacy criteria be incorporated into the IAF, there is an ongoing research on this question. On May 5th Jenn Behrens, Kimble and Associates privacy partner provided a general overview of the relevant policy background for establishing privacy criteria in the identity assurance framework, the recording is available at http://kantarainitiative.org/resources/webinars/
- They released the IAF Service Assessment Criteria in spreadsheet format, IAF 1401, which makes the process easier.
SAFE BioPharma Update
- SAFE has been working with the European electronic signature and infrastructure Working Group, ETSI, and they are focusing on pilot projects with some partners.
- 800-63-3 draft has some interesting topics that need a lot of discussion.
- 800-63-3 is in pubic preview, is only a draft.
- Instead of waiting for a final draft, they are trying to be ahead so agencies can receive clear documentation guideline.
- There is a limited set of teams that are working on 800-63-3.
- They want to include in the feedback process the TFS and PKI communities.
- Some of the changes, such as the virtual proofing models were directly impacted by the GSA workshop in January, so all the TFs and CSPs are able to adapt some of the emerging areas.
- In the feedback from the community, they are interested to know how it impacts the different frameworks; the transition plan; and how will that impact operations and different areas.
Industry suggestion to FICAM: consider an approach once things have settle down to work together towards the necessary changes that have to be made, so that nothing gets broken.
Next TFS Sync meeting: Wednesday, June 8 at 12:00 PDT/ 19:00 UTC