[Wg-p3] P3WG action item (Robin Wilton)

Robin Wilton futureidentity at fastmail.fm
Fri Aug 28 01:26:16 PDT 2009

Only one comment - I'm hoping the ARB will not implement anything.

I'm working on rather scant details here, but thinking about it over the 
past couple of days, it seems increasingly anomalous to me that a subset 
of the Board of Trustees should, essentially, be undertaking a task 
which has externally-generated requirements, will result in further work 
items, deliverables to third party organisations, etc.

Apologies if this suggestion has already been worked over, but wouldn't 
it be more in keeping with Kantara's over-all structure if the actual 
work were taken on by a Work Group, now that the ARB has identified a 
strategic opportunity and set the intended direction?


Brett McDowell wrote:
> I'm supportive of the modular approach as a stop-gap.  Eventually, and
> in accordance with the P3WG charter, there will exist a full Privacy
> Assurance Framework similar to, but orthogonal/complimentary to, the
> Identity Assurance Framework.  But for now we have an immediate market
> requirement in the world of Identity Assurance to have some criteria
> and process for assessing an Identity Provider's privacy practices, at
> least in the limited context of the US Federal Government's
> E-Authentication/Open Trust Frameworks program
> (http://idmanagement.gov).
> BTW, I don't think the Assurance Review Board would implement this
> module (and they have yet to evaluate it) if they thought it was only
> useful to the US Federal Government, we do believe there is broader
> applicability.
> So this becomes immediately useful in a meaningful context, if
> limited, yet motivates/ignites the more important work of the Privacy
> Assurance Framework (I hope).
> Robin, Trent, Iain, etc... If I'm off-base, please correct this
> description of context and expectation.
> Cheers,
> Brett McDowell | http://info.brettmcdowell.com | http://kantarainitiative.org
> On Wed, Aug 26, 2009 at 2:53 AM, Robin Wilton<futureidentity at fastmail.fm> wrote:
>> Fair point. Trent and I opted, as a starting point, to 'attach' this
>> module to the IAF - but mainly for 'internal' reasons to do with synergy
>> and Kantara BoT focus, and definitely not in order to preclude its use
>> in the cases you describe. We should and will capture your input as a
>> requirement -
>> Many thanks,
>> Robin
>> On Tue, 25 Aug 2009 11:27 -0600, "Ian Glazer" <iglazer at burtongroup.com>
>> wrote:
>>> Robin -
>>> In reading this I have a big concern about the invocation of such a
>>> Module. Based on how I read this, this Privacy Assurance Module would
>>> only be invoked as a subprocess to identity proofing and credentialing.
>>> If that is correct, then this Module would not be invoked for information
>>> that is not associated with credentialing such as customer data
>>> (especially customer data in a partnership situation.)
>>> Have I misread this?
>>> i
>>> --
>>> Ian Glazer    |    Senior Analyst, Identity and Privacy Strategies    |
>>>  Burton Group
>>> e: iglazer at burtongroup.com   |    p: +1(202) 255-3166
>>> http://identityblog.burtongroup.com | http://www.tuesdaynight.org
>>> _______________________________________________
>>> Wg-p3 mailing list
>>> Wg-p3 at kantarainitiative.org
>>> http://kantarainitiative.org/mailman/listinfo/wg-p3_kantarainitiative.org
>> Robin Wilton
>> Director, Future Identity
>> Director of Privacy and Public Policy, Liberty Alliance
>> www.futureidentity.eu
>> +44 (0)705 005 2931
>> ====================================================================
>> Structured consulting on digital identity, privacy and public policy
>> ====================================================================
>> Future Identity is a limited company number 6777002, registered in England & Wales
>> _______________________________________________
>> Wg-p3 mailing list
>> Wg-p3 at kantarainitiative.org
>> http://kantarainitiative.org/mailman/listinfo/wg-p3_kantarainitiative.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: futureidentity.vcf
Type: text/x-vcard
Size: 285 bytes
Desc: not available
URL: <http://kantarainitiative.org/pipermail/wg-p3_kantarainitiative.org/attachments/20090828/64d1849d/attachment.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3388 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://kantarainitiative.org/pipermail/wg-p3_kantarainitiative.org/attachments/20090828/64d1849d/attachment.bin>

More information about the Wg-p3 mailing list