[WG-P3] For your consideration

Anna Slomovic/Equifax anna.slomovic at equifax.com
Wed May 25 08:00:08 EDT 2011


I have not had the time to review to see whether the ISO work would play in the US. I am cheered that it us principles-based, so it is possible. Let's discuss on the call tomorrow.
Anna

Anna Slomovic
CPO, Equifax

Sent via DROID on Verizon Wireless


-----Original message-----
From: Colin Wallis <colin_wallis at hotmail.com>
To: Rainer Hoerbe <rainer at hoerbe.at>
Cc: Anna Slomovic <anna.slomovic at equifax.com>, "sg-p3pf at kantarainitiative.org" <sg-p3pf at kantarainitiative.org>, Kantara P3 WG <wg-p3 at kantarainitiative.org>, "staff at kantarainitiative.org" <staff at kantarainitiative.org>
Sent: Wed, May 25, 2011 11:49:56 GMT+00:00
Subject: RE: [WG-P3] For your consideration

And I will try to help where I can, but the wireframe was about as far as my knowledge runs.

It will be a tight fit for me to get on the call tomorrow between other calls and jetlag but I'll try...

Cheers
Colin


________________________________
Subject: Re: [WG-P3] For your consideration
From: rainer at hoerbe.at
Date: Wed, 25 May 2011 12:48:43 +0200
CC: anna.slomovic at equifax.com; sg-p3pf at kantarainitiative.org; wg-p3 at kantarainitiative.org; staff at kantarainitiative.org
To: colin_wallis at hotmail.com

I agree. For my part, I hope to help with assurance metrics.


Am 25.05.2011 um 12:20 schrieb Colin Wallis:

So to summarise the input from Anna, Jeff and Rainer as I understand it..

1) We continue with a (global) Principles based approach
2) We agree to adopting definitions from ISO 29100 A privacy Framework (also used in 29101 a privacy reference archictecure), though we have to be careful as these can't be publicly released at this stage
3) We leverage the architecture-to-principles mapping proposed in the latest 29101 drafts (still being worked on in the ad hoc) to help us contruct that part of our framework
4) We leverage the LoP and LoC concepts, but do not try to make any sort of direct binding of LoAs to LoPrivacy (yuk)
5) We aim towards an assurance metric.

I didn't get any response on my early wireframe on how the doc might look (remember that we have to give advice to Trust Framework deployers and also to Privacy Framework Assessors, so it is at least a two part doc).

Are we good to go then?

Cheers
Colin

________________________________
From: rainer at hoerbe.at<mailto:rainer at hoerbe.at>
Date: Mon, 23 May 2011 19:56:28 +0200
To: anna.slomovic at equifax.com<mailto:anna.slomovic at equifax.com>
CC: SG-P3PF at kantarainitiative.org<mailto:SG-P3PF at kantarainitiative.org>; wg-p3 at kantarainitiative.org<mailto:wg-p3 at kantarainitiative.org>; staff at kantarainitiative.org<mailto:staff at kantarainitiative.org>
Subject: Re: [WG-P3] For your consideration


Am 23.05.2011 um 16:31 schrieb Anna Slomovic/Equifax:

Please see inline.

How does the work in P3WG done so far compare to the ISO 2910x draft? Do the principles match? To what extent is the terminology aligned? Could the Kantara PF be crafted as instance of a 29101-compatible framework?

On the long term Kantara will have to provide the full set of principles that reach beyond US eGovernment use cases.

            I do not have a copy of the standard or the architecture in its current state. According to the ISO website, it will be published 10/15/2011.

Kantara does have a liaison with ISO SC 27 WG 5 and can make the draft documents available to its members (but not to mere list subscribers). Please contact Kantara staff - I think that this is a must read for P3 members.



________________________________
This message contains information from Equifax Inc. which may be confidential and privileged. If you are not an intended recipient, please refrain from any disclosure, copying, distribution or use of this information and note that such actions are prohibited. If you have received this transmission in error, please notify by e-mail postmaster at equifax.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kantarainitiative.org/pipermail/wg-p3/attachments/20110525/b5dcb44a/attachment.html 


More information about the WG-P3 mailing list