[KI-LC] [WG-IDAssurance] Comments on IAWG US Federal Privacy Profile

Joni Brennan joni at ieee-isto.org
Thu Sep 16 15:50:13 EDT 2010


Anna,

As only staff has the contact information for these comments I think it
could be useful to reach out to the commenter and ask them if they'd like to
join the group for further dialogue. With that could you please contact this
commenter (off any public list) and extend the invite to join and discuss
with the IAWG or directly with an IAWG Participant.

Thanks in advance,

Joni

On Thu, Sep 16, 2010 at 10:48 AM, David L. Wasley <dlwasley at earthlink.net>wrote:

>  WRT ...
> -----
> At 9:34 AM -0700 on 9/16/10, Anna Ticktin wrote:
>
> *This message is to inform the LC that the staff has received the
> following comments as one submission to the IAWG US Federal Privacy Profile
> document. *
>
> *We expect the IAWG to review this comment at their earliest convenience.*
>
> *
> *
>
> *Please note the comment period remains open until 20 September 2010.
> Further comments will be forward for your review and consideration upon
> receipt.*
>
> *
> *
>
> *Selected Document: IAWG US Federal Privacy Profile*
> **
>
> * *
> **
>
> *Comments:*
> **
>
> *1.     Line 55  "No requirements found Š"  It is entirely unclear what
> this sentence means.  Please restate this in a positive sense so we know
> who/what these requirements DO apply to.*
>
>
> That sentence says (paraphrased) "nothing here applies to relying
> parties."  The previous sentence says (paraphrased) "these requirements
> apply to CSPs."  I don't understand what this persons means by "unclear."
>
> *
> *
>
> *2.     Lines 80-85  Please rewrite this in English.  Use multiple simple
> sentences.  This is a one-sentence paragraph that is not intelligible.*
>
>
> I assume this applies to paragraph b. Optional Participation.  It is
> perfectly clear, plain English.  However, maybe it should include a sentence
> about the general case, i.e. how does this apply to a CSP other than what is
> described.
>
> *
> *
>
> *3.     Add a section at line 86 or line 93  "Revocation - There must be a
> supported mechanism by which an identity subject can alter or withdraw a
> previously submitted informed consent."*
>
>
> That is not required by the FICAM TFPAP.  This document is not intended to
> be general "privacy requirements for all CSPs."  If it ere, then revocation
> might be considered.
>
> *
> *
>
> *4.     Line 139  Add an acronym key to the end of the document*
>
>
> Maybe we need a standard acronym glossary that is inserted into all
> documents (or maybe stands alone and is referred to by all documents).
>
>
>         David
>
> _______________________________________________
> WG-IDAssurance mailing list
> WG-IDAssurance at kantarainitiative.org
> http://kantarainitiative.org/mailman/listinfo/wg-idassurance
>
>


-- 
Joni Brennan
IEEE-ISTO
Kantara Initiative
Managing Director
voice:+1 732-226-4223
email: joni @ ieee-isto.org
gtalk: jonibrennan
skype: upon request

Join the conversation on the community@ list -
http://kantarainitiative.org/mailman/listinfo/community
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kantarainitiative.org/pipermail/lc/attachments/20100916/2eb143aa/attachment-0001.html 


More information about the LC mailing list