Blog

Blog

IAWG Update
  • The IAF Overview was approved by LC and is currently undergoing an All Member Ballot.
  • IAWG submitted a response to the UK Department of Digital, Culture, Media and Sports (DCMS) Call for Evidence on Digital Identity.
  • Kantara Initiative members identified a number of instances where interpretation of SP 800-63 rev.3 requirements has proven to be challenging. In response to these challenges, IAWG developed five Implementation Guidance Reports and submitted these comments to NIST. NIST provided a response and has held the first of several discussions with IAWG to clarify and discuss how these shortcomings can be addressed by Kantara. Based on these discussions IAWG will,develop modifications or guidance concerning its current SAC.
HIAWG Update
  • The HIAWG Charter has been approved by LC.
UMA WG Update
  • In the business-legal framework work stream, the Work Group is editing a document as a companion for the draft Report previously published. Notes, status, and links can be found on this page.
  • The technical work stream does not have many active work items at present, but the Work Group is about to analyze the transactional/rich authorization IETF drafts.
IAWG Update
  • IAWG received comments on the IAF Overview during the 45 day All Member and IPR Review. These comments have been considered and, where appropriate, updates to the document have been made. The document is going to LC for approval shortly.
  • IAWG is preparing comments for DIACC (Digital Identification and Authentication Council of Canada) on the Privacy Component and the Privacy Conformance Criteria of their Pan Canadian Trust Framework (PCTF).
  • IAWG is preparing a response to the UK Department of Digital, Culture, Media and Sports (DCMS) Call for Evidence on Digital Identity.
  • Kantara Initiative members identified a number of instances where interpretation of SP 800-63 rev.3 requirements has proven to be challenging. In response to these challenges, IAWG developed five Implementation Guidance Reports. IAWG submitted these comments to NIST requesting that they review the reports and provide feedback as to the correctness of Kantara’s interpretation and therefore of its recommended action(s). It should be noted that, in the interests of progressing adoption and encouraging provision of services which meeting the requirements of SP 800-63 rev.3, Kantara has adopted and is already applying the recommendations.
UMA WG Update
  • The Work Group has decided how to proceed on its UMA2 IETF Internet-Drafts, which are expiring next week. The current plan is to proceed with an "independent submission" and see Informational RFC status for the drafts, which we anticipate would enable the Kantara Recommendations to be published as RFCs in substantially similar form.
  • The business-legal framework effort has produced a draft state diagram reflecting how real-world changes or transitions in the situations of a data subject and/or resource rights administrator could change the number of either of them. The Work Group is still working on this. More to come in this work stream, possibly including multiple state diagrams reflecting different kinds of such transitions, for different legal parties in the UMA ecosystem. These (relatively) simple diagrams map to many different real-world scenarios.
IAWG Update
  • IAWG received comments on the IAF Overview during the 45 day All Member and IPR Review. These comments are being considered for making changes to the document.
  • Kantara Initiative members identified a number of instances where interpretation of SP 800-63 rev.3 requirements has proven to be challenging. In response to these challenges, IAWG developed five Implementation Guidance Reports. IAWG submitted these comments to NIST requesting that they review the reports and provide feedback as to the correctness of Kantara’s interpretation and therefore of its recommended action(s). It should be noted that, in the interests of progressing adoption and encouraging provision of services which meeting the requirements of SP 800-63 rev.3, Kantara has adopted and is already applying the recommendations.
IAWG Update


  • IAWG approved the IAF Overview and it is undergoing a 45 day All Member and IPR Review. This document combines the current IAF Overview (IAF1000) and the IAF Glossary (IAF1100) into a single document.


IAWG Update
  • Work continues on overhauling the IAF Overview which will combine the current IAF Overview (IAF1000) and the IAF Glossary (IAF1100) into a single document. The new document will also be the IAF Overview but will have a new number IAF1050 to reflect that it is a combination.
UMA WG Update
  • The Work Group's chair and vice-chair presented the specifications to the OAuth group (remotely) at the IETF 104 meeting in Prague and several other UMA2 stakeholders were present in the room. Discussions are ongoing with the OAuth group leadership about when and how to do a call for adoption of the documents. The UMA Work Group chair plans to do an extended in-person Q&A session IETF 105 in July in Montreal, in which there seems to be good interest.
  • A plan is moving forward for reinvigorating the business model work and publishing a second report by September.
  • Implementers are discussing how best to report out on interoperability testing work done to date at the Identiverse conference.
  • The chair is doing an UMA 101 session by request at the upcoming IIW event.
  • One or more profiles/extensions are expected to be contributed for discussion as potential work items shortly.
  • Our meeting schedule in Q2 is lightened due to its being "identity conference season".
IAWG Update
  • During discussions on overhauling the IAF Overview, the IAWG decided to combine the IAF Overview (IAF1000) and the IAF Glossary (IAF1100) into a single document. The new document will also be the IAF Overview but will have a new number IAF1050 to reflect that it is a combination.
  • On behalf of Kantara Initiative, IAWG submitted comments to DIACC on their Pan-Canadian Trust Framework (PCTF) Model Overview Discussion Draft V0.02.
UMA WG Update
  • The Work Group has contributed the UMA 2.0 specifications to the IETF OAuth Working Group as Internet-Drafts, and is advocating that they be adopted as work items. Eve and Maciej (chair and vice-chair) will be presenting on the specs at the upcoming IETF 104 meeting in Prague in a couple of weeks.
  • The Work Group has re-elected Tim Reiniger as our Legal Editor, and thanks Tim for his service! We have put our UMA business model work aside for the moment as we put our efforts into the IETF project.
  • Interoperability is becoming a topic of greater interest, and we have been offered a short session at the Identiverse conference in June to present on interop testing results. We will be working out what to present over the next few months.
  • Identos has the latest implementation appearing on our Implementations page.
UMA WG Update
  • The Work Group continues its work on "decoupled" use cases.
  • We have not yet published a draft of the business model mapping, but are working on it.
  • We have started discussing some specifics of current IETF OAuth WG drafts and ways to comment on them, e.g. at the IETF 104 meeting.
IAWG Update
  • Revisions to the IAF Overview (IAF1000) continue.  A draft has been sent to current Kantara Approved CSPs and their input has been received. The IAF Glossary (IAF1100) will be the next document to be revised.
UMA WG Update
  • In the last couple of months, the Work Group has been reviewing the work of recent UMA2 implementers, the results of which – including profiling and extensions – can now be seen on the UMA Implementations page.
  • The Work Group is considering "decoupled" use cases/flows (related to work being undertaken at the OpenID Foundation under the "CIBA" name), also known as "180 degrees", when the requesting party needs to come to trust the resource owner who is sharing resource access with them.
  • Shortly we hope to consider some draft reports for business model use cases and technical artifact/legal device mappings based on work done earlier in the year.
IAWG Update
  • Updates to the SAC to accommodate challenges that have been encountered during assessments using NIST 800-63 Rev3 have been approved by an All-Member Ballot (October 27, 2018). These changes will be used by Assessors going forward.
  • Revisions to the IAF Overview (IAF1000) continue.  A draft has been sent to current Kantara Approved CSPs for their input. The IAF Glossary (IAF1100) will be the next document to be revised.
  • The Group Charter has been endorsed by the Group and the current leadership team has been affirmed for another year.