[WG-InfoSharing] Meeting today for User Submitted Terms -- and STANDARDs we can produce

mary hodder hodder at gmail.com
Mon Mar 7 13:32:35 CST 2016

Hi All,
Here is our meeting call-in info:

Skype: +99051000000481
Conference ID-B: 613-2898
room code: 613-2898

Also I wanted to share a couple of things to think about as we begin making
our spec for User Submitted Terms.

First, one way a group somewhat related to ours is thinking about how to
define standards and characterize open standards is IDESG.. the working
group for the NSTIC principles. They (we as I'm apart of this) are on the
cusp of launching a kind of standard that if met, would mean an entity
could self-certify (for now, with 3rd party certification coming in round
2) as meeting the requirements of the certification. It's not a standard
like ISO or Kantara makes, or that we would like to standardize for Consent
Receipts (the other CISWG meeting that meets just after us -- and is near
finishing) and User Submitted Terms.

IDESG is interested in listing standards that support their certification
requirements and the below info is from the Standards Adoption Policy.

I would like to see Consent Receipts and User Submitted Terms included in
that list, as responding to a UST is currently a requirement, and CRs are a
guideline for now, but later will be a requirement.

While IDESG has spent a long time finding out what it wants to be when it
grows up, it's now on track to do something constructive. And so having a
certification that requires the standards we are working on could be quite

Anyway.. I wanted to share the language below as we finish up the CR
standard and embark on the UST standard.


[quote] -- full doc in draft is attached -- it's expected to be adopted by
IDESG in May, 2016 and is currently out for comments from the plenary
(members of IDESG).

*1.2 Standards definition*

In the course of its work, IDESG will create and adopt many documents to
serve its many purposes and activities.  Some of these documents may be
incorporated into or sanctioned as authoritative guidance within IDESG's
IDEF.  For purposes of this policy:

   - A standard is a document, established by consensus that provides
   rules, guidelines, or characteristics for activities or their results (ANSI
   ISO/IEC Guide 2:2004). Consensus is typically obtained through multi-party
   discussion, so that the standard does not represent a singular point of

NOTE: that the term ”standard” herein is not intended to be restrictive to
only those documents with the word ”standard” in their titles.

An implementation profile, which is derived from an existing standard to
meet the needs of a specific community or use case(s), may also be reviewed
and processed by the SCC under this SAP, provided that the underlying
standard that the profile elaborated has been reviewed, adopted, and
included in the Standards Registry (see Section 1.4).

*1.3 Open standards*

NSTIC promotes the adoption of existing, open standards to ensure the
privacy, security, and
interoperability of data interfaces and use in the identity ecosystem.  In
addition, where new
standards may be needed, the NSTIC promotes initiating non-proprietary,
international, and
industry-led standards development efforts.

Although some identity ecologies may have their own satisfactory
proprietary or closed methods, the NSTIC’s concept of an open and scalable
ecosystem depends on the ability of large groups of enterprises,
institutions, and individuals to use identity information that is
standards-based and broadly federated. Such interactions must be voluntary
and enable entities to use their own systems and methods within their own
environments, and entities must be able to confidently rely on identity
data interactions with other entities across organizational boundaries,
supported by stable, vendor-neutral methods of identity assertions that are
interpreted using standards-based protocols. The use of "voluntary
consensus standards" over the adoption of proprietary protocols is
preferred as a policy matter because the open, inclusive process of
standards development is:

   - Neutral as to vendors, supportive of market competition, and more
   accessible by do-it yourself identity service providers.
   - Based on transparent and inclusive processes that generally produce a
   higher quality of standards, with methods less tied to the peculiarities of
   any one implementation style;
   - Supportive of positive network scale effects by making it easier to
   federate identities and perform transactions using these identities, while
   minimizing costs for system adaptation;
   - Enable cost savings through the creation and marketing of common
   interfaces, tools, and service providers.

[end quote]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kantarainitiative.org/pipermail/wg-infosharing/attachments/20160307/7117be8c/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SAP V2 v20160304.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 269202 bytes
Desc: not available
URL: <http://kantarainitiative.org/pipermail/wg-infosharing/attachments/20160307/7117be8c/attachment-0001.docx>

More information about the WG-InfoSharing mailing list