Subject: Please review and contribute to Shaheen's use case template, before next TC call 25-July
On our TC call yesterday Shaheen walked us through the use case PPT he prepared, and we agreed that this is an excellent start. While this is obviously not the only use case we could use, it is one that is relatable to any reader since it involves something we all do and have some familiarity with, at least from a user standpoint.
For obvious reasons, banks are unable to share the details of their internal processes related to TE and LoA. Thus we discussed 2 options going going forward, which are not exclusive.
1) a non-banker could postulate a hypothetical banking use case for TE, making assumptions about the required LoA for various actions and inferring associated TE methods. Actually, this would at least split into 2 sub-cases with different contexts, one for a user utilizing an untrusted shared device (e.g. library), and the other for a user on a known trusted device (e.g. one which has been used previously and declared trusted by the user).
2) we would solicit the list for use cases from other verticals. Government is one that arose, whether for citizen interaction with an agency or between agencies. There are certainly others.
Thus this is a call to all TC members to review the use case template and make any contributions you are able to as suggested above, or otherwise. Logistically, it would be easiest if you would send them to me, and I will assemble into a master document for dissemination and discussion on our next call.
Your contributions will be greatly appreciated.
Description: S/MIME cryptographic signature