Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Kantara Initiative Identity Assurance WG Teleconference

Table of Contents
maxLevel3
minLevel3
typeflat
separatorpipe

 

Info

DRAFT Meeting Minutes - IAWG approval requiredIAWG Approved 2014-05-07

Date and Time

Agenda

  1. Administration:
    1. Roll Call
    2. Agenda Confirmation
    3. Minutes approval: IAWG Meeting Minutes 2014-04-03IAWG Meeting Minutes 2014-04-10
    4. Action Item Review
    5. Staff reports and updates
    6. LC reports and updates
    7. Call for Tweet-worthy items to feed (@KantaraNews or #kantara)
  2. Discussion
    1.  FICAM TFS Monthly call (occurs April 17 just prior to IAWG)
    2. Kantara-FICAM mapping update
  3. AOB
    1.  
  4. Adjourn

 Attendees

Link to IAWG Roster

As of 2014 March 13, quorum is 5 of 9

...

Info

Meeting achieved quorum

Voting

  • Rich Furr ( C)
  • Andrew Hughes (S)
  • Bill Braithwaite
  • Scott Shorter
  • Matt Thompson
  • Cathy Tilton
  • Ken Myers

Non-Voting

  • Ken Dagg
  • Jeff Stollman

Staff

  •  Joni Brennan

Regrest

    • Paul Calatayud (V-C)

Notes & Minutes

Administration 

Minutes Approval

IAWG Meeting Minutes 2014-04-03

IAWG Meeting Minutes 2014-04-10

Motion to approve minutes of 2014-04-03 and 2014-04-10: Braithwaite
Seconded: Shorter
Discussion: None
Motion Carried 

Action Item Review

See the Action Items Log wiki page

(action item log not updated since last call)

Staff Updates

  • Director's Corner Link
  • Event Radar 2013 and 2014 Link
  • Marissa (Project Manager) will be assisting IAWG to support leadership progress and ongoing projects.
  • Working closely with other FICAM TFP participants in engaging FICAM program.
LC Updates
  •  No call this period
Participant updates
  • None offered

Discussion

FICAM TFS Monthly call
  • Many IAWG regulars were on the FICAM TFS call
  • 'Comparability' versus 'compliance' was a hot topic
  • FICAM TFS says that TFP's TF rules must show Comparability to the FICAM Trust Criteria. Then the CSP must Conform to the TFP TF rules
  • Comparability versus conformance matters more in some areas than others
  • The Federal Agencies are asking for certified services that are not the FICAM approved services
    • A challenge is that the reasons the Agencies are not accepting FICAM offerings are not fully understood or known
    • Is there a view that FICAM Approved services do not deliver services that meet the Agency needs? (needs to be checked)
  • FICAM Trust Framework Solutions needs to work with Industry to inform Agencies on the programs and how they meet the requirements
  • Should look at how other governments (Canada, New Zealand) have addressed this, and help FICAM 
    • Kantara could work towards a Comparability Framework drawing on global experiences would be very helpful
    • Need to define the process to determine comparability
    • Could state the objective for comparability so that the Assessors would have guidance
    • Comparability must start at the objective point - this must precede and support the Criteria
      • many schemes state criteria without obvious objectives statements
      • Look at Canada's work on objectives
      • Look at UK GPG 43 - sets up the objectives for service delivery
  • Canada did a guide on how RPs should approach risk assessment to determine what they need. Then the CSP offers the AL service and can express how it meets.
  • Comment: 4 AL seems to work best when Comparability is not in play - only when there are strict criteria do all parties know what they are getting. When there's uncertainty on what's included, it is hard to stay within an AL and variability ensues.
  • Shorter will send:  Implementation Guidance for FIPS 140-2 which sets out the cases that have been examined. 

...

 

Update on FICAM SAC Mapping sub-group
  • Round 1 is done - Rich to circulate to IAWG - please comment back and input
    • Color coded the requirements
    • Note that most ATOS requirements are Red - around the 'Attribute' issue
  • Next: create a sub-group to take current SAC and build a 'global core' of requirements, 
    • then setup for Geographic Entity Profiles (e.g. FICAM, UK GPG, Canada, NZ)
  • AI: Rich to call for participation for sub-group - Joni to forward call to Anil for wider engagement. Listeners OK. Contributors must sign GPA.

AOB

 

Carry-forward Items

 

Attachments

 

 

Next Meeting

...