[KI-LC] Comments: US Federal Privacy Profile (RE: Draft agenda for LC telecon 2012-02-01)

Colin Wallis Colin.Wallis at dia.govt.nz
Tue Jan 31 20:11:10 EST 2012


http://kantarainitiative.org/confluence/pages/viewpageattachments.action?pageId=49775195&highlight=Privacy+Assessment+Criteria+for+the+US+Federal+PrivacyProfile+---+comments+by+Ann+Geyer%2C+Susan+Landau.doc#Privacy+Assessment+Criteria+%28PAC%29-attachment-Privacy+Assessment+Criteria+for+the+US+Federal+PrivacyProfile+---+comments+by+Ann+Geyer%2C+Susan+Landau.doc

for those with long memories.. :)

From: Colin Wallis
Sent: Wednesday, 1 February 2012 2:01 p.m.
To: lc at kantarainitiative.org
Subject: Comments: US Federal Privacy Profile (RE: [KI-LC] Draft agenda for LC telecon 2012-02-01)


OK so I had a quick look at this.

Hoping some folks can help with more context here. As soon as I saw the Identity Subject Privacy Requirements, the work in P3 came flooding back - started by Bob Gellman and then taken a bit forward by Anna, Susan, Rich, Dave and a few of us.

So was the work here in IAWG, informed by the P3 work? It looks like it but it might be just a co-incidence. If it is, then does P3 need to do to the first iteration of the Privacy Profile as scoped - that is, do a  Privacy Profile for ICAM, because it seems pretty much done in this IAWG doc.

Moving on to the doc itself.

First thing many folks do, and that includes me, iIs go through and circle the 'must', 'should', 'shall' 'may' words, to get a feel for what  requirements are going to be audited and if that was what the writer intended?

To that end, there are some inconsistencies. 'Most 'shoulds' are underlines, but not all, but no  'musts' are.

There is a rogue 'shall' in line 135 (2.7 Termination) that is not consistent..unless there is some implicit intent I am missing here...
There is a seriously rogue 'should' on line 139 (2.8 Changes in the Service).

The first item is one helluva paragraph, and needs splitting up..because I for one, get lost in who is doing what to whom and whether a Subject is just short hand for an Identity Subject, or some other actor.

2.1 Informed Consent - At the time the Identity Subject initiates registration, the CSP must provide the Subject a general description of the service and how it operates including what information, if any, may be released by default to any Relying Party and, if the Subject indicates intent to use the service to gain access to Federal government applications, must make available to the Identity Subject what additional information, if any, may be released to such applications. The Subject must indicate consent to these provisions before registration can be completed.

Hope this helps.

Cheers
Colin


From: lc-bounces at kantarainitiative.org [mailto:lc-bounces at kantarainitiative.org] On Behalf Of Lara Zimberoff
Sent: Wednesday, 1 February 2012 4:58 a.m.
To: lc at kantarainitiative.org
Subject: [KI-LC] Draft agenda for LC telecon 2012-02-01

Below, please find the draft agenda for the LC call taking place tomorrow, Wednesday, February 1 2012.
http://kantarainitiative.org/confluence/display/LC/LC+telecon+2012-02-01

LC telecon 2012-02-01
Date and Time

 *   Date: Wednesday, 01 February 2012
 *   Time: 13:00 PT | 16:00 ET | 20:00 UTC (time chart<http://timeanddate.com/worldclock/fixedtime.html?month=6&day=22&year=2011&hour=20&min=0&sec=0&p1=0&sort=2>)
 *   Skype: +99051000000481
 *   US Dial-In: +1-805-309-2350 | Room Code: 402-2737
 *   International Dial-In Numbers<http://kantarainitiative.org/confluence/display/GI/Telco+Bridge+Info>

Agenda

 1.  Roll Call<http://kantarainitiative.org/confluence/display/LC/Roster>
 2.  Approve 2012-01-18<http://kantarainitiative.org/confluence/display/LC/LC+telecon+2012-01-18> Minutes
 3.  Discuss and vote on the IAWG's Additional Criteria: US Federal Privacy Profile v2.0
 4.  April 13-14 F2F in Germany Agenda Discussion
 5.  WG Updates
 6.  BoT Liaison Representative Update
 7.  Status of Quarterly WG Reports
 8.  AOB
 9.  Adjourn

Attendees

Quorum is 6 of 11 as of 13 July 2011.

 1.  TBD

Staff:

 1.  TBD

Secretary:

 *   TBD

Non-voting:

 1.  TBD

Apologies:

 1.  TBD

Roll Call<http://kantarainitiative.org/confluence/display/LC/Roster>
Minutes & Notes
Approve 2012-01-18<http://kantarainitiative.org/confluence/display/LC/LC+telecon+2012-01-18> Minutes

Motion: xx moves, xx seconds
2012-02-01-A<http://kantarainitiative.org/confluence/display/LC/LC+telecon+2012-02-01>

Approve minutes: http://kantarainitiative.org/confluence/display/LC/LC+telecon+2012-01-18


Passed by xx consent.

Discuss and vote on the IAWG's Additional Criteria: US Federal Privacy Profile v2.0
April 13-14 F2F in Germany Agenda Discussion
WG Updates
BoT Liason Representative Update
Status of Quarterly WG Reports
AOB
Adjourn

Next Meeting

 *   Date: Wednesday, 15 February 2012
 *   Time: 13:00 PT | 16:00 ET | 20:00 UTC (time chart<http://timeanddate.com/worldclock/fixedtime.html?month=7&day=6&year=2011&hour=20&min=0&sec=0&p1=0&sort=2>)

Lara Zimberoff, Office Manager
lara.zimberoff at apenimed.com<mailto:lara.zimberoff at apenimed.com>
ApeniMED, Inc.
510 First Ave N, Suite 650
Minneapolis, MN 55403
o. 612-435-7600  / c. 612-296-0447
[cid:image001.gif at 01CCE0EB.58CF78B0]
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.




====
CAUTION:  This email message and any attachments contain information that may be confidential and may be LEGALLY PRIVILEGED. If you are not the intended recipient, any use, disclosure or copying of this message or attachments is strictly prohibited. If you have received this email message in error please notify us immediately and erase all copies of the message and attachments. Thank you.
====
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kantarainitiative.org/pipermail/lc/attachments/20120201/6d26eca5/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.gif
Type: image/gif
Size: 3358 bytes
Desc: image001.gif
Url : http://kantarainitiative.org/pipermail/lc/attachments/20120201/6d26eca5/attachment-0001.gif 


More information about the LC mailing list