Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Remember also that Kantara is structured so as to enable community working group and discussion group support for its Assurance Programs. Not all projects from all groups lean this way, but where they do, great synergy can be achieved. For example, the IAWG develop the assessment criteria and is comprised of experts from the private, public and Higher Ed sectors as well as individuals and accredited assessors. And all the working groups have the potential to act as steward for the frameworks and the assessment criteria for conformance to standards within those frameworks, just as the IAWG does for the Identity Assurance Framework.  Alongside developing submissions to calls for contributions on digital identity-related matters as part of its global civic duty, it also develops the assessment criteria needed for the accredited assessors to consistently assess and report their findings for applicant service provider solutions. To these dual ends, the IAWG has had a huge few months. Firstly, in relation to NIST SP 800-63-3, the IAWG developed criteria for 63C, FAL2 and FAL3, and the level 3 criteria for N800-63-3 IAL3, AAL3 and FAL3 63A and 63B, IAL3 and AAL3 that are coming to the end of their All Member Ballot period. (NOTE BENE: If you are the primary representative of your organization or an individual member, please do your duty to the community by abiding by the email sent to you and casting your vote on this important work). Secondly, last week the IAWG completed and submitted its input to the open public consultation is on the European Union's eIDAS regulation.  Some of the response was an online questionnaire which we can't link to but our additional responses to support the online questionnaire is here. Thank you individual contributor member Mark King leading the active and animated discussion at meetings and on the list regarding this, and to Staff (Ruth) who took it on the final path to submission.  

...

I could not sign off on this blog without particular mention of Kantara's announcement last week. The news that Kantara and SAFE Identity have entered into a non-financial non exclusive agreement to co-market and recognize each others non-PKI and PKI Trust Marks respectively where reciprocity exists, is not only foundational for the organizations themselves but also profound for the industry.  For as many years as I have been in this industry (over 15 years now) I have seen continuous fragmentation and 'gold rush' self interest prevail. Collaboration amongst competitors, when it does happen, is usually around standardization and development of best practise practice in the neutral venues such as Kantara or standards setting organizations that suit multiple parties objectives. The Kantara- SAFE collaboration is direct - recognizing and respecting each organizations' strengths and capabilities such that complementing rather than competing is a rational approach.  It signals - at last! - that this industry is capable of removing friction for the betterment of its stakeholders and consumers that we are here in this ecosystem to serve.               

...