Link to IAWG Roster
As of 2015-01-22, quorum is 6 of 11
Use the Info box below to record the meeting quorum status
Meeting achieved quorum
Motion to approve minutes of yyyy-mm-dd:
Motion Carried | Carried with amendments | Defeated
RIchard Wilsher brings up the concern about the lack of review of RAA and AAS and other active participation in the Kantara IAWG.
Paul Kasky points out that the Kantara document set is somewhat intimidating with all the jargon, would be more beneficial if it were more approachable to a newcomer.
Richard suggests review of the glossary and the service assessment criteria as a way to obtain introduction in the field. It would be helpful if there was a single page on the wiki that had the latest set of Kantara documents on the web.
Richard also mentioned a document called the Metro Map, neither Scott nor Ruth recalls this one.
Angela Rey asked about the mission of the IAWG. Asking why folks aren't involved, most folks are not going to get benefit from participating in the IAWG. Angela has been debating whether this is beneficial or not - the barrier to entry is real, will keep people from participating and adopting Kantara. What the benefit is remains to be seen. Understanding and identifying a solution is difficult if not steeped in the IT world - everyone is seeking a higher degree of identity assurance. The e-gov is easier to participate in - the connect.gov presentation was helpful. Upon asking for clarification from RGW, Angela agreed that this is a problem that goes beyond Kantara to identity assurance policy generally.
RGW points out that NIST SP 800-63-2 sections 3, 4 and 5 are a good non-technical introduction.
Angela does not agree - while a fundamental foundational document discussing the technical in close detail is necessary, but a parallel document should provide plain language discussion for the average user to understand the concept without understanding the minutae of identity assurance.
RGW would hope that the Kantara Overview document would provide this - IAF-1000.
Angela is less concerned with the Kantara document as opposed to the concepts and lexicon of identity assurance to be plain language for the average user.
Angela discusses the use of EMV cards for Medicare. Wouldn't it be interesting if the new Medicare card has an authentication credential. CMS is issuing identity credentials for the medical providers - here's a vehicle to have a card that identifies people - Federal employees could use a chip card. What if Medicare card had such a credential. Medicare is issuing pilots to figure out how to issue the cards - looking for ideas. E.g. DOD did a pilot looking to link PIV card to Metro. Hoping Kantara could serve as a catalyst to bring the IT world to the outside world and explain the benefits to other parties.