[WG-P3] For your consideration

Colin Wallis colin_wallis at hotmail.com
Wed May 25 08:09:28 EDT 2011


OK, but it should. It was probably taken from an EU baseline but the idea is that any nation could profile it as a sub set. If it isn't able to do that, we're in trouble..given that the co-editor for 29100 is Sue Glueck from MSFT. 29101 has an Estonian editor with some US inputs. But what need sto be done is a quick mapping against ISTPA and if it maps ok, we should be ok there too..I suspect changes on that one though...
 


To: colin_wallis at hotmail.com; rainer at hoerbe.at
CC: anna.slomovic at equifax.com; sg-p3pf at kantarainitiative.org; wg-p3 at kantarainitiative.org; staff at kantarainitiative.org
Date: Wed, 25 May 2011 08:00:08 -0400
Subject: RE: [WG-P3] For your consideration
From: anna.slomovic at equifax.com





I have not had the time to review to see whether the ISO work would play in the US. I am cheered that it us principles-based, so it is possible. Let's discuss on the call tomorrow.
Anna 

Anna Slomovic
CPO, Equifax

Sent via DROID on Verizon Wireless

-----Original message-----


From: Colin Wallis <colin_wallis at hotmail.com>
To: Rainer Hoerbe <rainer at hoerbe.at>
Cc: Anna Slomovic <anna.slomovic at equifax.com>, "sg-p3pf at kantarainitiative.org" <sg-p3pf at kantarainitiative.org>, Kantara P3 WG <wg-p3 at kantarainitiative.org>, "staff at kantarainitiative.org" <staff at kantarainitiative.org>
Sent: Wed, May 25, 2011 11:49:56 GMT+00:00
Subject: RE: [WG-P3] For your consideration





And I will try to help where I can, but the wireframe was about as far as my knowledge runs.
 
It will be a tight fit for me to get on the call tomorrow between other calls and jetlag but I'll try...
 
Cheers
Colin

 


Subject: Re: [WG-P3] For your consideration
From: rainer at hoerbe.at
Date: Wed, 25 May 2011 12:48:43 +0200
CC: anna.slomovic at equifax.com; sg-p3pf at kantarainitiative.org; wg-p3 at kantarainitiative.org; staff at kantarainitiative.org
To: colin_wallis at hotmail.com

I agree. For my part, I hope to help with assurance metrics.  





Am 25.05.2011 um 12:20 schrieb Colin Wallis:

So to summarise the input from Anna, Jeff and Rainer as I understand it..
 
1) We continue with a (global) Principles based approach
2) We agree to adopting definitions from ISO 29100 A privacy Framework (also used in 29101 a privacy reference archictecure), though we have to be careful as these can't be publicly released at this stage 
3) We leverage the architecture-to-principles mapping proposed in the latest 29101 drafts (still being worked on in the ad hoc) to help us contruct that part of our framework
4) We leverage the LoP and LoC concepts, but do not try to make any sort of direct binding of LoAs to LoPrivacy (yuk)
5) We aim towards an assurance metric.
 
I didn't get any response on my early wireframe on how the doc might look (remember that we have to give advice to Trust Framework deployers and also to Privacy Framework Assessors, so it is at least a two part doc).
 
Are we good to go then?
 
Cheers
Colin    
 


From: rainer at hoerbe.at
Date: Mon, 23 May 2011 19:56:28 +0200
To: anna.slomovic at equifax.com
CC: SG-P3PF at kantarainitiative.org; wg-p3 at kantarainitiative.org; staff at kantarainitiative.org
Subject: Re: [WG-P3] For your consideration





Am 23.05.2011 um 16:31 schrieb Anna Slomovic/Equifax:




Please see inline.
 






How does the work in P3WG done so far compare to the ISO 2910x draft? Do the principles match? To what extent is the terminology aligned? Could the Kantara PF be crafted as instance of a 29101-compatible framework?




 

On the long term Kantara will have to provide the full set of principles that reach beyond US eGovernment use cases.












            I do not have a copy of the standard or the architecture in its current state. According to the ISO website, it will be published 10/15/2011.

Kantara does have a liaison with ISO SC 27 WG 5 and can make the draft documents available to its members (but not to mere list subscribers). Please contact Kantara staff - I think that this is a must read for P3 members.








This message contains information from Equifax Inc. which may be confidential and privileged. If you are not an intended recipient, please refrain from any disclosure, copying, distribution or use of this information and note that such actions are prohibited. If you have received this transmission in error, please notify by e-mail postmaster at equifax.com.
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kantarainitiative.org/pipermail/wg-p3/attachments/20110526/30bd5ec3/attachment-0001.html 


More information about the WG-P3 mailing list