[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Notes from June 26 call
Minutes for the meeting of the Electronic Identity Credential Trust Elevation Methods (Trust Elevation) Technical Committee June 26, 2014. 1. Call to Order and Welcome. 2. Roll Call Attending (please notify me if you attended the meeting but are not on the list below) Abbie Barbir, Bank of America - y Anil Saldhana, Red Hat Bob Sunday Brendan Peter, CA Carl Mattocks, Bofa Cathy Tilton, Daon - y Charline Duccans, DHS Duane DeCouteau Calvin Colin Wallis, New Zealand Government - y Dale Rickards, Verizon Business David Brossard, Axiomatics Dazza Greenwood Debbie Bucci, NIH Deborah Steckroth, RouteOne LLC Detlef Huehnlein, Federal Office for Information Diana Proud-Madruga - y Diego Matute, Centrify Don Thibeau, Open Identity Exchange - y Doron Cohen, SafeNet Doron Grinstein, BiTKOO Gershon Janssen Ilene Bridges Ivonne Thomas, Hasso Plattner Institute Jaap Kuipers, Amsterdam James Clark – Oasis Jeff Broburg, CA John Bradley John "Mike" Davis, Veteran's Affairs John Walsh, Sypris Electronics Jonas Hogberg Julian Hamersley, Adv Micro Devices Kevin Mangold, NIST Lucy Lynch ISOC Marcus Streets, Thales e-Security Marty Schleiff, The Boeing Company Mary Ruddy, Identity Commons - y Massimiliano Masi, Tiani "Spirit" GmbH Mike Harrop Mohammad Jafari, ESC - Peter Alterman, SAFE-BioPharma Peter Jones - Rainer Hoerbe - Rebecca Nielsen, Booz Allen Hamilton Rich Furr Ronald Perez, Advanced Micro Devices Scott Fitch Lockeed Martin Shaheen Abdul Jabbar, JPMorgan Chase Bank, N.A. - y Shahrokh Shahidzadeh (Intel Corp Suzanne Gonzales-Webb, VA - y Tony Rutkowski Tony Nadlin Thomas Hardjono, M.I.T. William Barnhill, Booz Allen Hamilton Adrianne James, VA Patrick, Axiomatics Steve Olshansky Andrew Nash - y 67 percent of the voting members were present at the meeting. We did have quorum. Peter wanted the TC to know that we are hiring Andrew Nash to edit the fourth deliverable. Shaheen has sent out a current draft which is a protocol for trust-el in XML and JSON. Shortly we will have a version for the whole TC to review. At that point we will want everyone to dig into it and give us thoughtful comments. 2. Agenda review and approval We used the following chat room for the call: http://webconf.soaphub.org/conf/room/trust-el chat room text is included at the end of the minutes. The agenda was approved. 3. Approval of the Minutes Abbie asked for a motion to approve the minutes from April 3. Don made the motion. Shaheen seconded it. There were no objections The minutes for the meeting were approved. 4. OIX update Abbie said the event was very well done. It was well received by UK government. They are working on a whitepaper to look at deltas from our work. Don continued we were able to present at both the EMA conference and also to some key people in the UK government. We came to an agreement around a proposed white paper to apply our Trust-el work to the IDAP program, and talked about IDAP being an early and large adopter of the proposed standard. Abbie said he was very encouraged to hear the discussions stating the value of assurance levels for identity attributes. IDAP is different from using social login. The nature of the trust model is different. A foundation for trusted attributes is in place. Our TC is in the right place at the right time. Maybe we should have an OS project with source code for anyone to adopt it. 5. Editor update Abbie announced that Andrew is kind enough to help us with the fourth deliverable. He has accepted being our editor. Andrew is our key editor of the 4th deliverable. Andrew thanked the TC. Sounds like I already know most people. Looking forward to working with you and bring things to conclusion. Suzanne made motion to have Andrew as the editor of the 4th deliverable Dianna seconded the motion. There were no objections. Abbie welcomed Andrew. Abbie then asked Shaheen to please give a summary of where we are. Shaheen welcomed Andrew. He explained the first process was to collect current trust-el methods, then analyze them, and then we came up with a technique. Then we came up with a framework. Then build a trust-el sequence, based on that sequence we developed an XML format for interacting with various RP and IDP and attribute providers and LOA assessors. One of the key concepts introduced is incorporated response from attribute providers, etc. Abbie said so basically we have the trust sequences and metadata. We need to formalize where we want to go and what is missing. Need to assign people to work on gaps. So please suggest what we need to do and what we should do next. Shaheen said I think we need to understand the relationship with the existing framework that we may be leveraging. Abbie said what you have so far is a step-up process. This doesn’t translate to a protocol yet. We need to define the terms of how parties request and discover trust-el and then we can bind it to a protocol. Shaheen responded exactly. We need to do analysis to see where we fit in other protocols. Abbie asked or should we say that we need to be complaint. We also need to see the output of the UK paper. Don said he would be happy to lead that team. Abbie said this is an ad hoc team with Don leading it. Abbie volunteered also. They would work with the UK to ensure alignment. In parallel, we still need to define the protocol at the abstraction level, where it will kick in, how it will work with FIDO and what is the handshake, and how to discover attributes. Colin what do you think? Colin said it sounds like a way forward. Abbie continued we need to go from a sequence to a protocol. We fit at the layer of a trust framework. Don agreed. Abbie said the policy may change, and the vocabulary may change, but the mechanism should be the same. We need a metadata definition of what a trust attribute should be and how to represent it. Then we will look at how to use OIDC or SAML to implement it, and publish protocols. Abbie said silence sounds like agreement. Today is kicking off the next phase. Do we want to take a summer break? Don likes it. Andrew is out the week of July 4th. Abbie said that for lots of Europeans, August is a month not to meet. Abbie maybe skip week after 4th. Editors still can meet. Abbie said it if is ok, I make a motion to cancel the next meeting for vacation (July 10). We can also take August 7th off. Don said the UK white paper may be in September. We will finalize our response when have that white paper. ***Don took an action item in September a committee/editors to meet with counterparts in the UK cabinet office. 6. Resolution and feedback on third deliverable. We need to do redo the vote on the third deliverable, since not enough people voted. Steve made a motion to approve requesting Special Majority Vote on approving Electronic Identity Credential Trust Elevation Framework Version 1.0 at https://www.oasis-open.org/committees/document.php?document_id=52634&wg_abbrev=trust-el with Non-Material Changes as a Committee Specification. Don seconded it. Abbie asked if there were any objections. None heard. The motion passed. Abbie announced that we have victory. 7. Adjourn Abbie asked for a motion to adjourn. Dianne made the motion. Suzanne seconded the motion. The meeting was adjourned. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> anonymous morphed into Don Thibeau Cathy Tilton (Daon): Mary - I have a conflict today, but if you need quorum, let me know and I will step out momentarily to assist. abbie: cathy please dial in for 20 seconds for quroum abbie: pretty please cathy anonymous morphed into colin_nz Cathy Tilton (Daon): Will be there shortly - vote in progress. abbie: thanks cathy abbie: u r the king + queen abbie: thank u |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]