Team

Ismael Alaoui(tick), Phil Benchoff(tick), Susan Brooker-Gross(tick), Al Cooper(tick), Mary Dunker(tick), Frank Galligan(tick), Karen Herrington(tick), Greg Kroll(tick), Randy Marchany(error)

Kevin Rooney(tick), Sharon Kurek(error), Mike Emero(tick)
((tick) present, (error) absent)

Agenda

  1. Further discuss pros and cons of what LOA certificate to issue for phase I of this project.
    • Please review Susan's summary in the "Comment" entitled "Soft PDC multiple certificates alternatives" at the bottom of this page
  2. Continue discussion of items from Questions of Potential Interest to Internal Audit.

Meeting Notes

  1. Further discuss pros and cons of what LOA certificate to issue for phase I of this project.
    1. The graduate school wants a certificate with a LOA greater than PID & password (which has an LOA of 2).
    2. Mike commented that since the graduate school has a need and identified applications waiting we should shoot for an LOA 3 certificate for the first phase of this project.
    3. InCommon Silver does note preclude issuing an LOA 2 cert. after issuing an LOA 3 cert. to the same user.
    4. eProvisioning commented that an administrative interface would have to be developed to issue LOA 3 cert's and therefore development time would be longer compared to starting this project by issuing LOA 2 cert's.
      • 9/9/2010 Meeting: Clarified the above meeting note by adding that this is because of in-person identity proofing requirement for LOA 3. The 3 scenarios we are looking at are:
        1. Face-to-face or in-person identity proofing.
        2. Remote identity proofing but not necessarily automated, e.g., sending notarized documents.
        3. Automated identity proofing, i.e., done electronically without human intervention.
    5. Mary phoned parking services to look into the possibility of validating Virginia driver's license numbers by accessing a DMV database. She discovered that there are drivers license validation services available for a fee. We might be able to leverage a service like this to do remote/ automatic validation of drivers license numbers.
      1. Action item: Mary will pursue this idea further and may talk to Erv about funding for such a service.
      2. If we are able to at least validate Virginia driver's license numbers this would take care of a very large percentage of our user population. One idea to handle those without a Virginia driver's license is to have one office on campus that does identity proofing for all others.
      3. If we do not store the driver's license number somewhere does this invalidate InCommon Silver?
        • 9/9/2010 Meeting: Mary is working on this.
        • What about the use of notarized documents?
        • One use case that needs to be discussed is a faculty member that needs a soft cert but is not physically in Blacksburg so therefore cannot come in for in-person identity proofing.
        • Action item: Frank will follow up with a driver's license validation service he found for details and costs.
    6. What about leveraging the Hokie Passport as an "existing relationship" for identity proofing?
      • Quoted from the InCommon; Identity Assurance Profiles; Bronze and Silver; 3/11/2008; version 1.0.1:

        4.2.2.3.1 Existing Relationship
        Employers and educational institutions which verify the identity of their employees,
        students or other affiliates by means comparable to those stated for In-person
        Proofing or Remote Proofing may be designated an RA by the IdP operator. The IdP
        operator shall confirm that the applicant is a person with a current relationship to the
        organization, record the nature of that relationship and verify that the relationship is
        in good standing. If the IdP operator's IdMS directory or database is separate from
        the institution's or RA's database, the IdP operator shall confirm that the applicant's
        name and address are consistent in both places.

        Suggested Evidence of Compliance
        The records of identity proofing.

      • Action item: Karen will contact the Hokie Passport office to discuss.
  2. Continue discussion of items from Questions of Potential Interest to Internal Audit.
    • See the referenced wiki space for meeting notes.
  • No labels