|MoU and next steps|
- Ben has sent a revised version of the MoU on May 10th KI Approved CSP-to-IDESG IDEF Registry MoU Rev3.docx
- Ben and David revised what was applicable and what is no longer applicable regarding some privacy criteria and added Annexes A, B and C.They added step 7 in the on-boarding process, Annex A.
- Colin has accepted the changes and a final version was circulated on May 17th KI Approved CSP-to-IDESG IDEF Registry MoU Rev3 Changes accepted clean for Board.docx
- David explained some details on the Annexes and tables:
-Table 1. Interop 2, 3 and 4 for LoA 4 was partially confirmed. KI also confirmed for Interop 2, 3 and 4. Partial for LoA4 and not for LoA 2 and 3 when there is no credit. Privacy 13 requires specific privacy assessment, there was no credit and was confirmed by KI.
-No changes were made to the KI US federal privacy mapping table (Table 2).
-Table and annex C relate to the Table 1 of Annex B.
-Table 3 shows the baseline for the IDEF requirements that has been mapped as full conformance or partial for full service CSPs. Also approves components provides the identity proofing component or the credential management component not all the baseline requirements because not all the 1400 are assessed for those components.
-Table 4. Privacy requirements certified, there is not differentiation for full service or component, which are assessed against all the pre-qualifications for the IDEF baseline requirements that apply.
-Table 5. Shows the baseline requirements for ID proofing component and baseline requirements that are mapped and satisfied for id proofing component that are approved just for the component function.
-Table 6 IDEF Registry Prequalification for IDEF Baseline Requirements for Kantara-approved Credential Management Component Service Providers. For full service or components that are not pre-qualified for specific baseline requirements and were determined as not comparable, not equivalent, no applicable, are not shown in the table. So the table only shows those baselines requirements that the 3 types of KI approvals are pre-qualified for, full service CSPs, identity and verification components and credential management service components.
- David and Ben offered to help presenting the MoU in June´s KI BoD meeting (June 15th). David pointed out that they would like to jointly draft the communications to the KI CSPs that will contain the MoU.
- Colin may be able to present KI views on the IDESG Board Meeting.
- David and Ben will send the clean version to the IDESG Board for their consideration. Ben will ask the Board to designate the person that will be the IDESG contact in the MoU.
- The MoU needs IDESG legal review for the sign off.