IAWG – Separating Token and Attribute Manager Functions

On Nov 30, Kantara held a “Trusted ID” F2F meeting in Washington DC focused strictly on assurance and alignment with government-based AuthN requirements such as those of NIST 800-63 and ISO 29115. We should make clear that, for Kantara, “Government alignment” is not a US initiative but a global initiative. We believe that digital identity should be voluntary, pervasive, privacy enabling, and without borders (portable across jurisdiction and domain if you choose).
In addition to the US and broader international needs, the group spent time discussing the recent work of the Identity Assurance Work Group (IAWG) on the separation of credential provision functions from identity attribute functions in the KI Identity Assurance Framework-Service Assessment Criteria. This model is strongly influenced by the Government of Canada Identity Assurance approach and the Canadian Privacy Commissioner. One of our IAWG goals is to bridge the gap between the US and Canada approaches as a starting point toward a multi-stakeholder standardized Identity Assurance Framework.
Following the meeting, architecture, digital security and privacy blogger Anil John took some time to do a deep-dive review of the Kantara paper, which was found to be very consistent with NIST 800-63. He also identified some alternative approaches to the use of a “Credential Manager” versus a “Token Manager” approach. At this time the IAWG is taking in the feedback from Anil, Kantara Members, and the public, to incorporate, as appropriate, into their next-round draft.
We’d like to thank the IAWG for their hard work developing the paper and Anil for his personal input. We invite you to join the developing conversation, join IAWG, and participate!
Get the original paper.
Read the feedback.
Join the discussion.