TFS Monthly Sync – Draft Meeting Notes
Wednesday, November 9, 2016
Andrew Hatter, YIN International, Inc.
Scott Shorter, KUMA
Ken Crowl, Experian
Adam Madlin, Symantec
Jeff Shultz, ID.me
Tom Barton, InCommon
Kevin Morooney, InCommon
Peter Alterman, SAFE Biopharma
Andrew Hughes, KI LC Chair
Colin Wallis, KI CEO
Russ Weiser, Synchronoss
Ann West, InCommon
Ruth Puente, KI
- The InCommon community has reviewed the Baseline Practices, a minimum set of requirements for InCommon Federation participants, and the Steering Committee has approved it.
- Multifactor authentication interoperability profile: a standard way to signal an authentication requirement over the wire in SAML. This profile will establish the authentication contract request used when the RP wants to request multifactor of a CSP (it is not an assurance profile). The goal of the joint work with REFEDS is to make this profile a global standard across the research and education federation space, to be able to set multifactor across countries. The REFEDS WG is evaluating adoption of the InCommon interoperability profile through a consultation process, with the aim of adopting a REFEDS-endorsed standard. They found later that there is a similar activity sponsored by GEANT, so they are working to harmonize both efforts, and soon the outcome will be an international standard for the community.
- The REFEDS research assurance profile work is higher than the baseline level; they are experimenting with vectors of trust for signaling the attribution by the RP of a notion of level of assurance.
- Sirtfi (security incident response): a very low bar, and a way to enable and encourage collaboration by security teams across multiple federations. The Sirtfi document is globally agreed and published.
KI IAWG Update
- Evaluation of IDESG mapping to the KI IAF.
- Gathering comments on NISTIR 8149 on federation, "Developing Trust Frameworks to Support Identity Federations". NIST provided an extension for comments.
- Discussion on how to approach an impact analysis on 800-63-3 and evaluation of the necessary internal adjustments.
- NISTIR 8149. They sent comments directly to NIST on November 1st.
- They believe that the conceptual model is wrong and inadequately constructed, so they avoided a line-by-line response.
- The document describes only one form of federated identity management, but there is a much broader description: the Relying Party accepts credentials issued by other entities as if they had been issued by itself.
- The document does not define the core point adequately.
- There are different ways of deploying federation.
- Absence of infrastructure services.
- It addresses conformity rather than comparability. Comparability is the key conceptual model for trust frameworks.
- They recommended that the draft be withdrawn.
- SAFE-Biopharma is actively involved with the internationalization initiative of the electronic signatures and infrastructure WG. There is a technical team working on trust lists, cross-certification and harmonization.
- They completed a second mapping of the SAFE-Biopharma CP to the latest versions of the ETSI standards. They have incorporated compliance with the European data protection regulation.
- They are co-sponsoring the Internationalization of ICAM Day, planned for end of March.
- Conversations with CAs in Europe.
- They are working on the blockchain proof of concept.