20100624 - Soft PDC Project Meeting June 24, 2010

Attendees

Susan Brooker-Gross
Mary Dunker
Frank Galligan
Greg Kroll
Ismael Alaoui
Karen Herrington

Agenda

1. Responses to TechSupport e-mail regarding focus group meetings.
2. Review InCommon Silver profile requirements. See Standards for Identity Assurance
3. Are we done discussing Establishing existing relationships?
   • See 20100617 meeting notes.
4. Are we done discussing Concept for exception retrieval of escrowed keys?
   • See 20100617 meeting notes.
5. Background Questions 6, 12, 17, 20, 24 are pending or unanswered.

Meeting Notes

1. Responses to TechSupport e-mail regarding focus group meetings.
   1. See the list of names of those that responded on the page linked above.
   2. We will call this first meeting an initial or introductory meeting and invite everyone that responded. An analysis of this initial meeting will determine whether smaller focus group meetings are warranted.
   3. Action item: Greg will schedule this meeting ASAP.
   4. One question to ask participants is: Who needs external trust, i.e., root key signing?
2. Review InCommon Silver profile requirements.
   1. What level of identity proofing do we need? Does it need to be the same for Faculty/Staff versus students?
   2. As long as we are going to have to define and follow a process we might as well conform to a standard.
   3. Identity proofing requirements using an "existing relationship" via the Hokie Passport may be a possibility.
      • Action item: Karen will talk to the Hokie Passport office and report back on the process they use to issue a Hokie Passport.
   4. Communications regarding our process (i.e., our sales pitch) needs to be well written and clear so the inconvenience of a face-to-face identity proofing is tolerable.
   5. InCommon silver requirements:
      1. identity proofing
      2. logging of process and credentials used
      3. documentation on our process
      4. Internal Audit must sign-off on our processes and send a report to InCommon in order to receive/be approved for silver status.
   6. We plan to strive for InCommon silver but if that presents a show stopper then it is not the end of the world, i.e., would be nice but not required.

• "Out of band" = No regular pre-defined process to get it done. A special case.