[KI-LC] Ignore last: Use This!! (RE: [DG-NSTIC] An eGov comment:: (RE: REVIEW DRAFT: Kantara Initiative Position Paper - NSTIC Steering Group Formation v0.2))

Colin Wallis Colin.Wallis at dia.govt.nz
Mon Jun 11 20:31:27 EDT 2012

Sorry folks.

I missed Bob's response last time.

From: Colin Wallis
Sent: Tuesday, 12 June 2012 12:26 p.m.
To: 'j stollman'; Joni Brennan
Cc: Kantara Leadership Council Kantara; dg-nstic at kantarainitiative.org
Subject: RE: [DG-NSTIC] [KI-LC] An eGov comment:: (RE: REVIEW DRAFT: Kantara Initiative Position Paper - NSTIC Steering Group Formation v0.2)

Just combining the two parallel threads on this to make it easier to capture the actions...

Colin  (who will craft some input for the eGov Policy piece)

From: dg-nstic-bounces at kantarainitiative.org [mailto:dg-nstic-bounces at kantarainitiative.org] On Behalf Of j stollman
Sent: Tuesday, 12 June 2012 9:01 a.m.
To: Joni Brennan
Cc: Kantara Leadership Council Kantara; dg-nstic at kantarainitiative.org
Subject: Re: [DG-NSTIC] [KI-LC] An eGov comment:: (RE: REVIEW DRAFT: Kantara Initiative Position Paper - NSTIC Steering Group Formation v0.2)

Given that P3 stands for Privacy and Public Policy, I believe that P3 should be referenced as aligning with both US Federal and US State and Local NSTIC groups.

According to the Steering Group Bylaws Discussion Draft, every entity that participates in the Steering Group is either a Member, or a Member Associate.

Members must sign a membership agreement, and can be either organizations or individuals.  Member Associates are persons who do not sign membership agreements, but are in some way affiliated with a Member.  So Member Associates can be employees of companies that are Members, or (in the case of Kantara) "members" or participants in the Member organization.   Member Associates must be listed in the membership agreement that the Member signs.

So Kantara must decide if the organization itself will sign a membership agreement, and if so, whether it will designate certain individuals (WG/DG Chairs, others) as Member Associates.

The draft Bylaws also states that "each Member shall self-select into the Stakeholder Group that they consider best represents its roles or interests in the Identity Ecosystem."   So this would seem to mean that Kantara itself (if it chooses to become a Member) would have to self-select into one of the 14 Stakeholder groups.  However, this also seems to mean that each person designated as a Kantara Member Associate would also be affiliated with that same Stakeholder Group (see Bylaws section a.3, Stakeholder Group Affiliation: " Member Representatives and Member Associates shall be affiliated with the Stakeholder Group selected by their respective Member Organization.")

So given the governance rules as currently written, it may be reasonable for Kantara to become a Member, and to be represented by Joni or another staffer.  Anyone else associated with Kantara (WG/DG chairs, etc), unless they want to be associated with the same stakeholder group that Kantara chooses, should probably consider becoming individual Members, or Member Associates of some other Member organization.

It might be reasonable for Kantara to consider petitioning NSTIC to modify these rules so that Kantara members/participants can still participate as Kantara Affiliates, without having to sign separate Member agreements, while still being able to join other stakeholder groups.  Or for an organizational Member such as Kantara to be able to self-select into several stakeholder groups...provided Kantara can only vote in one such group.

 - Bob P.
One way to address this is to have the leadership of each of the DG/WG participate/liaison in the related working groups.  Individuals can participate and bring their DG/WG hats along.

At the top should be an area of overall organization to organization cooperation.

Ditto on eGov policy.

The more participation the better the position (more votes) for elections no matter what category.

From: dg-nstic-bounces at kantarainitiative.org [mailto:dg-nstic-bounces at kantarainitiative.org] On Behalf Of John Bradley
Sent: Monday, June 11, 2012 1:24 AM
To: Colin Wallis
Cc: Kantara Leadership Council Kantara; dg-nstic at kantarainitiative.org
Subject: Re: [DG-NSTIC] [KI-LC] An eGov comment:: (RE: REVIEW DRAFT: Kantara Initiative Position Paper - NSTIC Steering Group Formation v0.2)

The NSTIC rules say you need to self-identify for participating in elections.  What category you run for election in and vote in,  not what plenary areas you participate in.    This is more a governance issue than an operational one.   Given that individuals can self select and vote with the same weight as organizations, the only reason for a organization to self select is to run for the governing group in an area as far as I can tell.

I have know idea if the rules would allow a WG that is not a legal entity to participate at that level for voting,  I suspect not.   the more important thing is probably what NSTIC proposed NSTIC committees relate to Kantara WG, and arranging individual participation.

I agree with Colin eGov should be positioned as Policy not standards.

John B.

On Mon, Jun 11, 2012 at 11:43 AM, Joni Brennan <joni at ieee-isto.org<mailto:joni at ieee-isto.org>> wrote:

It's great to see the strong support for international representation! Thank you:-)

Of course! =)

The rest of it was great too, and I had just two thoughts..:

1) Do we think that it is appropriate to characterize eGov WG as 'standards', referencing the Implementation profile for SAML 2.0?  It's not that that is wrong of course, but thinking about our revised positioning into a more policy/governance/requirements gatherer for an eGov SAC, I'm wondering if we couldn't future-proof ourselves a bit? IF we did, we could also self identify into 4) Fed Gov and 5) State Local etc Gov, couldn't we?

I believe this could work Colin.  Even though eGov is international there still are ties to Fed, State and local gov.   Is it possible for eGov to craft some input?

2) I thought that NSTIC rules said that an entity could only self identify into one of the Stakeholder Groups. While the issue of undue influence as raised by NSTIC is reasonable, it is also unreasonable that an entity such as KI has to do this given the breadth of its activities. Certainly that is the implication of this reponse paper, but it doesn't seem to come right out and say it.

I had this point much clearer in an earlier version and pulled it back a bit.  I think it's a big problem and will be for other groups as well.  This was also a flash point at the NSTIC day event in March (around IDTrust timing).  I believe that we should strengthen this and your point supports my thought.  Now, I think it's easy enough to say thisTHING is a problem but I'd prefer if we had some input on approaches to solve.  We don't need to propose a solve or direction toward a solve but I do think it's good manners.

Perhaps this is a discussion best taken with more input from the wider group.

Do others agree here and any thoughts on alternate approaches?

Any views on these points?

From: joni at ieee-isto.org<mailto:joni at ieee-isto.org>
Date: Thu, 7 Jun 2012 15:32:33 -0700
To: LC at kantarainitiative.org<mailto:LC at kantarainitiative.org>; dg-nstic at kantarainitiative.org<mailto:dg-nstic at kantarainitiative.org>
Subject: [KI-LC] REVIEW DRAFT: Kantara Initiative Position Paper - NSTIC Steering Group Formation v0.2

Hello LC and NSTIC DG,

Please find attached the early draft of Kantara Position Paper - NSTIC Steering Group Formation

This is a draft - which means - now is the time for you members to submit your comments and edits - both general and specific.  I will amalgamate comments received.  A few notes. Please send with in one week for inclusion in the next draft.

The following Groups please send in your group representative edits / copy as appropriate.  If your group does not align or have context then you have no action to take.
- Consumer ID WG
- Telco ID WG
- Japan WG (I'm not sure that Japan will have input as this is a US strategy but the opportunity is open for this group as well!)
- other KI stakeholders not included above (?)

UMA WG - Eve I got your comments but would like to know which of the stakeholder groups you see UMA aligning with.

Once we see which stakeholder groups Kantara groups are aligning with we will be able to work forward toward final input. Please note that the NSTIC Governance recommendation calls for organizations / individuals to identify with ONE stakeholder group [1].  I believe this is a challenge as many organizations will find overlap.  Our approach should be to either
- Reach consensus on one stakeholder group to identify with OR
- Provide input regarding how the governance should change to allow for organizations / individuals to align with multiple stakeholder groups.

Remember this is our opportunity to help shape the NSTIC steering governance model and highlight the significant work that Kantara is already progressing in the space.

[1] Recommendation 25: Each Stakeholder should be required to "self-identify" into the stakeholder group which it considers best represents its primary role or interest in the Identity Ecosystem. Self-identification into one stakeholder category at a time would prevent organizations that may play multiple roles in the Identity Ecosystem from exerting undue influence by gaining more than one vote on the Management Council. Importantly, individuals that do not wish to self-identify into one of the other 13 stakeholder groups may choose to participate as an Unaffiliated Individual.

I look forward to working with you to publish this paper.


Joni Brennan
Kantara Initiative | Executive Director
voice:+1 732-226-4223<tel:%2B1%20732-226-4223>
email: joni @ ieee-isto.org<http://ieee-isto.org/>

Slideshare - Building Trusted Identity Ecosystems - It takes a village!

CAUTION:  This email message and any attachments contain information that may be confidential and may be LEGALLY PRIVILEGED. If you are not the intended recipient, any use, disclosure or copying of this message or attachments is strictly prohibited. If you have received this email message in error please notify us immediately and erase all copies of the message and attachments. Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kantarainitiative.org/pipermail/lc/attachments/20120612/47ef7448/attachment-0001.html 

More information about the LC mailing list