<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:p="urn:schemas-microsoft-com:office:powerpoint" xmlns:a="urn:schemas-microsoft-com:office:access" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema" xmlns:b="urn:schemas-microsoft-com:office:publisher" xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet" xmlns:c="urn:schemas-microsoft-com:office:component:spreadsheet" xmlns:odc="urn:schemas-microsoft-com:office:odc" xmlns:oa="urn:schemas-microsoft-com:office:activation" xmlns:html="http://www.w3.org/TR/REC-html40" xmlns:q="http://schemas.xmlsoap.org/soap/envelope/" xmlns:rtc="http://microsoft.com/officenet/conferencing" xmlns:D="DAV:" xmlns:Repl="http://schemas.microsoft.com/repl/" xmlns:mt="http://schemas.microsoft.com/sharepoint/soap/meetings/" xmlns:x2="http://schemas.microsoft.com/office/excel/2003/xml" xmlns:ppda="http://www.passport.com/NameSpace.xsd" xmlns:ois="http://schemas.microsoft.com/sharepoint/soap/ois/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dsp="http://schemas.microsoft.com/sharepoint/dsp" xmlns:udc="http://schemas.microsoft.com/data/udc" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:sub="http://schemas.microsoft.com/sharepoint/soap/2002/1/alerts/" xmlns:ec="http://www.w3.org/2001/04/xmlenc#" xmlns:sp="http://schemas.microsoft.com/sharepoint/" xmlns:sps="http://schemas.microsoft.com/sharepoint/soap/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:udcs="http://schemas.microsoft.com/data/udc/soap" xmlns:udcxf="http://schemas.microsoft.com/data/udc/xmlfile" xmlns:udcp2p="http://schemas.microsoft.com/data/udc/parttopart" xmlns:wf="http://schemas.microsoft.com/sharepoint/soap/workflow/" xmlns:dsss="http://schemas.microsoft.com/office/2006/digsig-setup" xmlns:dssi="http://schemas.microsoft.com/office/2006/digsig" xmlns:mdssi="http://schemas.openxmlformats.org/package/2006/digital-signature" xmlns:mver="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mrels="http://schemas.openxmlformats.org/package/2006/relationships" xmlns:spwp="http://microsoft.com/sharepoint/webpartpages" xmlns:ex12t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:ex12m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:pptsl="http://schemas.microsoft.com/sharepoint/soap/SlideLibrary/" xmlns:spsl="http://microsoft.com/webservices/SharePointPortalServer/PublishedLinksService" xmlns:Z="urn:schemas-microsoft-com:" xmlns:st="&#1;" xmlns="http://www.w3.org/TR/REC-html40">

<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
 /* Font Definitions */
 @font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
 /* Style Definitions */
 p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
        {mso-style-priority:99;
        mso-style-link:"Balloon Text Char";
        margin:0cm;
        margin-bottom:.0001pt;
        font-size:8.0pt;
        font-family:"Tahoma","sans-serif";}
span.EmailStyle17
        {mso-style-type:personal-reply;
        font-family:"Arial","sans-serif";
        font-variant:normal !important;
        text-transform:none;
        position:relative;
        top:0pt;
        mso-text-raise:0pt;
        letter-spacing:0pt;
        text-shadow:none;
        font-weight:normal;
        font-style:normal;
        text-decoration:none none;
        vertical-align:baseline;}
span.BalloonTextChar
        {mso-style-name:"Balloon Text Char";
        mso-style-priority:99;
        mso-style-link:"Balloon Text";
        font-family:"Tahoma","sans-serif";}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page Section1
        {size:612.0pt 792.0pt;
        margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.Section1
        {page:Section1;}
 /* List Definitions */
 @list l0
        {mso-list-id:66925496;
        mso-list-template-ids:-1840374684;}
@list l1
        {mso-list-id:579366210;
        mso-list-template-ids:-1470346158;}
@list l1:level1
        {mso-level-start-at:2;
        mso-level-tab-stop:36.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l2
        {mso-list-id:771432539;
        mso-list-template-ids:126752386;}
@list l2:level1
        {mso-level-start-at:4;
        mso-level-tab-stop:36.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l3
        {mso-list-id:1014958147;
        mso-list-template-ids:1316095032;}
@list l3:level1
        {mso-level-start-at:3;
        mso-level-tab-stop:36.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l4
        {mso-list-id:1650358787;
        mso-list-template-ids:1221331512;}
@list l4:level1
        {mso-level-start-at:5;
        mso-level-tab-stop:36.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l5
        {mso-list-id:2036693121;
        mso-list-template-ids:1485895248;}
@list l5:level1
        {mso-level-tab-stop:36.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l5:level2
        {mso-level-tab-stop:72.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l5:level3
        {mso-level-tab-stop:108.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l5:level4
        {mso-level-tab-stop:144.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l5:level5
        {mso-level-tab-stop:180.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l5:level6
        {mso-level-tab-stop:216.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l5:level7
        {mso-level-tab-stop:252.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l5:level8
        {mso-level-tab-stop:288.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
@list l5:level9
        {mso-level-tab-stop:324.0pt;
        mso-level-number-position:left;
        text-indent:-18.0pt;}
ol
        {margin-bottom:0cm;}
ul
        {margin-bottom:0cm;}
-->
</style>
<!--[if gte mso 9]><xml>
 <o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
 <o:shapelayout v:ext="edit">
  <o:idmap v:ext="edit" data="1" />
 </o:shapelayout></xml><![endif]-->
</head>

<body lang=EN-NZ link=blue vlink=purple>

<div class=Section1>

<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>Many
thanks Jeff<o:p></o:p></span></p>

<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>All
good points - many of which were raised in discussions over the draft and often
not completely resolved with the justification something like &quot;lots of
details to work out later for those that buy into the general thrust and concept
of what we want to do..&quot;<o:p></o:p></span></p>

<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>I'll
give you my personal 2c worth on your questions below..<o:p></o:p></span></p>

<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p>&nbsp;</o:p></span></p>

<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>Cheers<o:p></o:p></span></p>

<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>Colin
<o:p></o:p></span></p>

<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p>&nbsp;</o:p></span></p>

<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'>

<p class=MsoNormal><b><span lang=EN-US style='font-size:10.0pt;font-family:
"Tahoma","sans-serif"'>From:</span></b><span lang=EN-US style='font-size:10.0pt;
font-family:"Tahoma","sans-serif"'> j stollman [mailto:stollman.j@gmail.com] <br>
<b>Sent:</b> Thursday, 19 August 2010 1:17 a.m.<br>
<b>To:</b> Colin Wallis<br>
<b>Cc:</b> Kantara Leadership Council Kantara<br>
<b>Subject:</b> Re: [KI-LC] Action Item 6b - United Identities (UI) paper - are
we interested? - LC call 4th August<o:p></o:p></span></p>

</div>

<p class=MsoNormal><o:p>&nbsp;</o:p></p>

<p class=MsoNormal>Colin,<br>
<br>
I am pleased to see that the concept of an independent, high-assurance IdP is
gathering support.&nbsp; They have a long row to hoe before I would be willing
to commit support to this particular effort.&nbsp; <br>
<br>
The sticking points for me are the following:<o:p></o:p></p>

<ol start=1 type=1>
 <li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;
     mso-list:l5 level1 lfo3'>What assurance level(s) is UI intending to
     support?<o:p></o:p></li>
</ol>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span
style='font-size:10.0pt;font-family:"Arial","sans-serif"'>&lt;&lt;CW: Level 2
and 3 is my guess&gt;.<o:p></o:p></span></p>

<ol start=2 type=1>
 <li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;
     mso-list:l5 level1 lfo3'>What breeder documents would be used to create a
     high-assurance identity?&nbsp; How universal would be the acceptance of a
     high-assurance identity based on these documents?<o:p></o:p></li>
</ol>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span
style='font-size:10.0pt;font-family:"Arial","sans-serif"'>&lt;&lt;CW: Oh yes..I
forget how many times this came up..:-) I got the impression UI would leverage
ID proofing processes used by banks, maybe CC companies, in trying to find a
globally acceptable ID Proofing process. I know one could debate that
one..&gt;&gt; <o:p></o:p></span></p>

<ol start=3 type=1>
 <li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;
     mso-list:l5 level1 lfo3'>What processes would be implemented to keep UI
     from being undermined by fraudsters seeking to leverage UI to create
     counterfeit identities?<o:p></o:p></li>
</ol>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span
style='font-size:10.0pt;font-family:"Arial","sans-serif"'>&lt;&lt;CW: We didn't
really get into this beyond what any IdP might do regards best practice, but
it's a valid point&gt;&gt; <o:p></o:p></span></p>

<ol start=4 type=1>
 <li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;
     mso-list:l5 level1 lfo3'>What data on the individuals used to
     grant/maintain a UI high-assurance ID would be retained by UI and how
     would it be protected?.<o:p></o:p></li>
</ol>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span
style='font-size:10.0pt;font-family:"Arial","sans-serif"'>&lt;&lt;CW: Same
answer as (3) above , but it's another 'Crown Jewells' question and one with
'architectural approach' innuendo.&nbsp; 'Not centralised' is about as far as
any implications out of the discussion went.&gt;&gt;<o:p></o:p></span></p>

<ol start=5 type=1>
 <li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;
     mso-list:l5 level1 lfo3'>How will UI address the overlapping and
     conflicting regulatory constraints imposed by the various jurisdictions
     across which UI's identities are likely to be used?<o:p></o:p></li>
</ol>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span
style='font-size:10.0pt;font-family:"Arial","sans-serif"'>&lt;&lt;CW: as per
(2) it was raised many times, with no clear resolution. &nbsp;But there was an
idea of having a US based IdP and an EU based IdP with the idea that other jurisdictions
might align more or less behind one of those, but again, a question left for
later..&gt;&gt; <o:p></o:p></span></p>

<p class=MsoNormal style='margin-bottom:12.0pt'>These concerns are the common
issues for any IdP, but they become more critical because of UI's intent of
providing a high-assurance ID.&nbsp; Until these issues are addressed, my
confidence in UI's ability to succeed is limited.<o:p></o:p></p>

<p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-size:10.0pt;
font-family:"Arial","sans-serif"'>&lt;&lt;CW: Fair enough and that's really the
objective of starting this thread. What is our view of UI's ability to succeed?
Because presumably KI doesn't want to expend resources on something that has
absolutely no hope of success (despite KI's best efforts in terms of expertise
etc).&nbsp; So are the issues surmountable? And if they were, is KI OK to take
the risk on what we think are the likely odds of success&gt;&gt;. <o:p></o:p></span></p>

<p class=MsoNormal style='margin-bottom:12.0pt'>Thank you.<br>
<br>
Jeff<o:p></o:p></p>

<div>

<p class=MsoNormal>On Wed, Aug 18, 2010 at 12:19 AM, Colin Wallis &lt;<a
href="mailto:Colin.Wallis@dia.govt.nz">Colin.Wallis@dia.govt.nz</a>&gt; wrote:<o:p></o:p></p>

<div>

<div>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Greetings
all<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>&nbsp;<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Armed
with the Minutes of the last meeting, I am now working through some actions.<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>&nbsp;<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Many
of you are aware of this work to a greater or lesser extent, and you'll see
some familiar names:-)<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>&nbsp;<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Kantara
is mentioned specifically.<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>&nbsp;<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>So
this email is to ask you to review the proposal outlined in this paper, and
respond to the list with your view on whether Kantara is interested to take
this forward (should UI approach Kantara of course).<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>&nbsp;<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Thanks
in advance for your input.<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>&nbsp;<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Cheers<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Colin<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>&nbsp;<o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span
style='color:gray'>&nbsp;</span><o:p></o:p></p>

<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>&nbsp;<o:p></o:p></p>

</div>

<p class=MsoNormal>====<br>
CAUTION:&nbsp; This email message and any attachments contain information that
may be confidential and may be LEGALLY PRIVILEGED. If you are not the intended
recipient, any use, disclosure or copying of this message or attachments is
strictly prohibited. If you have received this email message in error please
notify us immediately and erase all copies of the message and attachments.
Thank you.<br>
==== <o:p></o:p></p>

</div>

<p class=MsoNormal style='margin-bottom:12.0pt'><br>
_______________________________________________<br>
LC mailing list<br>
<a href="mailto:LC@kantarainitiative.org">LC@kantarainitiative.org</a><br>
<a href="http://kantarainitiative.org/mailman/listinfo/lc" target="_blank">http://kantarainitiative.org/mailman/listinfo/lc</a><o:p></o:p></p>

</div>

<p class=MsoNormal><br>
<br clear=all>
<br>
-- <br>
Jeff Stollman<br>
<a href="mailto:stollman.j@gmail.com">stollman.j@gmail.com</a><br>
1 202.683.8699<o:p></o:p></p>

</div>


====<BR>CAUTION:&nbsp; This email message and any attachments contain 
information that may be confidential and may be LEGALLY PRIVILEGED. If you are 
not the intended recipient, any use, disclosure or copying of this message or 
attachments is strictly prohibited. If you have received this email message in 
error please notify us immediately and erase all copies of the message and 
attachments. Thank you.<BR>====
</body>

</html>