Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Things haven't been quiet on the Trust Framework and Assurance program either during January. A second organization's solution was approved under Kantara's 800-63-3 scheme, with others working through the process and still others giving the idea consideration. An interesting dynamic that can play out often (and did so this month) is when the public sector steps back (in this case the furlough through much of December and January and the TFS part of the GSA FICAM program moribund), the private sector steps up and gets on with it. And We also had enquiries from two organizations interested in bringing their own schemes to Kantara to operate. I'll keep you up to date as they progress.

There's lots more to come on these because there. looking to had a busy and progressive year. The Service Assessment Criteria for NIST's SP 800-63-3 Digital Identity Guidelines were developed and deployed by the program’s Working Group steward (the IAWG) for Kantara's accredited assessors to review the compliance of identity and credential providers' services seeking Kantara's grant of Trust Mark upon systemic review and, where favourable, approval. To this day, Kantara remains the only entity offering 3rd party conformity assessment and approval for this de jure internationally recognized standard, whose promulgation through the GSA FICAM program, of which Kantara is an authorized Trust Framework Provider, has been significantly impacted by federal funding cuts. Nonetheless, the FICAM Trust Framework Provider community comprising InCommon, Kantara and SAFE-Biopharma have continued to operate the program for the benefit of the federal and state government without the support of the GSA. My sincere thanks, and well deserved community credit, goes out to the IAWG participants (led by Ken Dagg and Scott Shorter) and the Assurance Review Board chaired by Leif Johansson (SUNNET) and comprising Ken Dagg (IAWG liaison), Tom Barton (InCommon), Jamie Bryce Clark (OASIS), Richard Trevorah (tScheme), Nathan Faut and David Temoshok, upon whose weekly attendance and many hours of pre-meeting preparation the program depends, supported by Program Manager Ruth Puente and editor Richard Wilsher.     

Mid-year, Kantara absorbed the assets of the IDESG largely comprising the IDEF, the self attesting Registry, the wiki, the website, the committee artifacts and a small group of members and non member participants following the completion of the grant funding from NIST. While the transition into the newly established Kantara Initiative Educational Foundation occurred almost seamlessly thanks in particular to the efforts of Kay Chopard Cohen, Martin Smith, Tom Jones and Kantara's Oliver Maerz, activity and forward progress has been lower than anticipated. IDESG's Healthcare Committee was the standout exception as it reformed inside Kantara's Health Identity Assurance working group under Dr Tom Sullivan's exemplary leadership, contributing matters of significant concern and importance to the community in the last quarter of the year.    

While on the subject of Kantara's working groups, the bulk of the activity gravitated around the Of the work groups, the Consent & Information Sharing and UMA groups . On reflection, perhaps this was not surprising given GDPR enforcement from May 25th, where both Consent Receipt v1.1 and UMA are specifications that play directly to the mitigation of GDPR's and ePrivacy's compliance and privacy requirements while equally asserting the individual's sovereignty over their personal data and attributes. The development and demonstration of the interoperability potential of Kantara's Consent Receipt, and the proposed Licencing Model for UMA have piqued the interest of audiences around the globe. A special thanks the Group Leadership Jim Pasquale, John Wunderlich, Andrew Hughes, Eve Maler, Maciej Machulak respectively, along with the dedicated group of corporate members Consentua,, iWelcome, Open Consent Group, Trunomi, Ubisecure, and individual contributor volunteers Tim Reiniger, Catherine Shultern, Andi Hindle, Adrian Gropper, David Turner, Nancy Lush, Thomas, Cidgem, Domenico and the many others who supported by attending calls and contributing work. 2019 planning in these groups is well underway, whereby groups that became less active over 2018 as their work completed will be wound up and several new groups will be formed. Already formed a month ago is the continued to attract the most attention as they plan their consent receipt interoperability demo and submission to IETF respectively, with the Identity Assurance Work Group building its call attendances back up as the the cycle of document revisions sets the baseline for additional work this year. The short life ID Proofing and Verification Discussion Group which has enjoyed high call attendance and contributed use cases. This Group will collect Identity Proofing and Verification Use Cases from industry that will be contributed to has a really strong set of use cases with which to report back to the Study Period on the topic at ISO SC27 Working Group 5 Identity Management and Privacy in February. 

So there you have it. 2018 has seen Kantara improve its financial health, refine its membership and operating procedures, grow its membership, consolidate its work groups around focussed active interest areas, acquire other consortia assets and further develop both its programs.     

I think we can be proud of what we have achieved through the support and dedication of member and non member participants as well as active Board organizations, Experian, ForgeRock (Kantara President Allan Foster), ISOC (Kantara Secretary, Treasurer Robin Wilton), SecureKey, Leadership Council Representatives (Chair Andrew Hughes whose dedication is seemingly without bounds and Ken Dagg), my near 24x7 staff (Ruth and Oliver), Virtual Inc management staff (Megan, Bella, Joan, Joe, Rob, Tim and Tom, Bob, Madison, Mikaela and others), and without whom we could not have made 2018 the really solid progressive year for Kantara that it has been.

What's most important is how you think Kantara has done and what it in Tel Aviv in April. If you hurry there's still time to get yours in. and contributed use cases. 

As I previewed at the end of last year, 2019 marks Kantara's 10th anniversary (June 17, 2009 to be precise) and you will see our 10th Anniversary logo adorning a a range of our artifacts over the course of the year. Whether you have been in the Kantara community right from the beginning, or just joined us recently, we want to know what you think about us - both where we do well and where we could do better. Please spend a few minutes answering these 10 multi-choice questions in our annual member survey.

2019 marks Kantara's 10th anniversary and you will see recognition of it throughout the year. 10 years is some considerable feat in the highly volatile world of industry consortia!

As I look at the 12 months ahead, with the less-than-full knowledge I possess now, I see growth everywhere in every aspect of Kantara's activity - R&D and Assurance programs, Working Groups, consortia consolidation, asset acquisition, membership and sponsorship. I want it to be a landmark year for Kantara - not just because of its 10 years - but because I want to see all your enthusiasm, suggestions, introductions, and volunteer contributions come to fruition and receive the accolades they richly deserve.

Next week I will be in Washington DC supporting our KIPI Program partners at the DHS S&T Cybersecurity and Innovation Showcase. I've planned to meet with as many of you as I know will be available. If you are in DC next week please just Contact us to reserve a meeting time.  And while on the topic of next week please, please.. remember the Identiverse deadline is closing fast, so make sure to submit your presentation idea before the January 11 deadline.   

It is with great pleasure that we welcome new individual member Ivan Niccolai from Australia, joining fellow Australians, the Digital Transformation Agency, Lockstep Technologies, Meeco, Unify and others.