ID2020 PM:

Participants:

Time	Item	Who
2 min	Anti-Trust Policy and Recording reminder given	Chair
5 min	Introductions: (New participants (if any) only	Chair
15 min	Key questions document: Contributors to share thoughts	All
20 min	Key requirements: Agree 3 key requirements, and 30/60/180 day milestones for each	All
15 min	Recommended solutions: Agree 3 actionable recommendations, and 30/60/180 day milestones for each	Chair
3	Wrap Up	Chair

(PDFs posted)

1. Welcome and Linux Foundation antitrust policy

Key Question on Identity Assurance Levels - What standard should we use?

What are GHP compliant ecosystems? From an identity binding standpoint there will be different levels, we cannot dictate across the ecosystem.
What would be compliant in various different scenarios?
What are the standards of data reported in the credential?
If there is no identity binding data in the credential, should the recommendation be that the verifier treats it at the lowest level? (Self-Asserted)
Should we provide a mapping across recognized schemes? NIST, PCTF, TDIF, eIDAS, UK GPG, ISO/IEC 2476

[Scott] Need to be inclusive but maintain a guidance for a LOA that represents the different standards
1. Starts with the fact that there are different LOA
[Paco] We should recommend the risk levels that should be accepted.
[Stew] We should decide quickly id theis is data or policy standardization. How can we encapsulate the IAL standards. Recommends we go toward data standards rather than recommending a spacific technical standard.
1. Propose we look at the facts and report what was done, could be null or NIST or ISO. . . It is up to the verifier how they want to handle that.
2. We shouldn’t be pushing policy, we should be defining the data.
[Kayila] This group is the identity binding, we need to define the standard for recording LOA and send someone to the data structure group and recommend they include the information.
[Bryn] We need to consider binding across all three zones.
1. We have a clear direction from steerco to focus on international travel.

Everyone should contribute to the documents:

Action Items

Action: Todd to circulate the links to the key documents to the DG and the task for this week to review the content that exists in the draft paper https://docs.google.com/document/d/1Gf9XjOS4lmb3Hs80ITqgtoYaJnXxGasMNCnIrHoQN1I/edit# and fill the gaps that exist in requirements and recommendations.
Action: Ensure we identify the interaction with the credential definition WG - the level of assurance should be included with the credential.
Action: Discuss with rules engine WG how different LoAs can be translated by the Verifier

Browser not supported