NSTIC/CallLog-2011-01-07
From IdCommons
Log of mibbit.com ir channel on 2011-01-07 call
16:03 *** Jay_Unger joined #nstic 16:03 *** PeterCapek joined #nstic 16:03 *** maryhodder joined #nstic 16:03 *** mib_47v4hj joined #nstic 16:03 *** gunther joined #nstic 16:04 *** mib_47v4hj quit (Quit: http://www.mibbit.com ajax IRC Client) 16:04 *** bob_p joined #nstic 16:04 *** jeff joined #nstic 16:04 *** michaelhelm joined #nstic 16:04 *** jtrentadams joined #nstic 16:04 *** Peter joined #nstic 16:04 *** MaryR joined #nstic 16:04 *** fenton joined #nstic 16:04 *** gunther quit (Quit: http://www.mibbit.com ajax IRC Client) 16:04 *** Joni joined #nstic 16:05 *** jeff is now known as Guest40566 16:05 *** karen joined #nstic 16:05 *** Alan joined #nstic 16:06 *** mib_7yfnpa joined #nstic 16:06 *** mib_g80ep8 joined #nstic 16:06 *** greg_turner joined #nstic 16:06 *** ndk joined #nstic 16:06 *** colin_nz joined #nstic 16:06 *** Alan is now known as Guest28132 16:07 *** lena_ joined #nstic 16:08 mib_7yfnpa hello 16:09 Kaliya Hi 16:09 maryhodder hi 16:10 fenton anyone who wants to can introduce themselves this way as well. 16:10 *** mib_7yfnpa left #nstic 16:10 *** mib_7yfnpa joined #nstic 16:11 lena_ hi all 16:11 Joni Hi Lena! 16:11 Joni Hi All 16:13 michaelhelm I was at the event too - having it settled that Commerce is hosting this is the news. Not much info on how the government itself interacts with NSTIC! 16:14 jtrentadams I hear that the dial-in number is saturated. 16:14 IDmachines I agree with that, it was surprising that it wasn't DHS since they were driving the initial outreach. 16:14 Kaliya yeah -also heard that. 16:14 jtrentadams Since no one else is able to get in... would it make sense to record this? 16:14 Kaliya maybe 16:15 Kaliya does this bridge have a limit? 16:15 jtrentadams I think the max is 25 participants 16:15 *** smarthart joined #nstic 16:15 Kaliya oooh 16:15 Kaliya ok. didn't know that 16:16 colin_nz Was there mention of ICAM and how it would play a role? 16:17 michaelhelm That would have been my question if there had been time. I asked Dr Gallagher about that afterwords, not much info. yet.... 16:17 colin_nz 'K..thanks 16:19 Jay_Unger Mary Ruddy says the bridge should not be limited to 25. Tell people who are having trouble to try again. 16:20 smarthart Thanks have been able to get on now... 16:21 michaelhelm Is the Admin in danger of losing control of the message of NSTIC, like what happened to other things in the past 18 mos? 16:22 michaelhelm Could someone post a link to the article (CTS?) cited in the call? Thanks. 16:22 Guest3037 still can't get on 16:22 Kaliya Where are the relying party. 16:23 Kaliya I am taking some notes - so we can summarize calls. 16:23 jaynryan yes, the CTS or CBS links...can someone post 16:23 Guest3037 Some news articles are on the wiki page at http://wiki.idcommons.net/NSTIC 16:23 colin_nz http://www.cbsnews.com/8301-501465_162-20027837-501465.html 16:24 PeterCapek What Colin just posted was the article mentioned on Farber's list. 16:24 Kaliya graet. 16:24 IDmachines Citibank just got certified as an issuer at level 4 under the PIV-I framework, they are there, there are multiple other examples, NSTIC is different from policy 16:24 Kaliya wow 16:25 Kaliya where is a link for that 16:25 Kaliya ICAM was not mentioned - no specifics really. 16:25 Kaliya I wrote this last night. http://www.fastcompany.com/1715659/national-identity-cyberspace-why-we-shouldnt-freak-out-about-nstic 16:26 Kaliya got a call from Globe and Mail (the NYTimes of Canada) to explain what it was to him. 16:26 IDmachines its via CertiPath Bridge,http://www.woio.com/Global/story.asp?S=13629805 not sure the Federal Bridge Certificate Authority is updated yet 16:27 jaynryan for PIV-I, application doesn't mean cross-certified 16:29 jaynryan [for those there] A lot of talking for about 2-3 years now in our communities. Was there any talk about implenting? The threats are real, but I see too much talk in so many of the committees I attend 16:29 Pete Seems like the talk (and venue) was targeted somewhat to venture capitalists to say the government is on board with the general concepts 16:30 colin_nz ..so Identity proofing has to be standardised if an RP is to trust it (e.g. a school identity). Any word of IDV /NASPO? 16:31 maryhodder Peter.. yes it was directed toward SV VCs and entrepreneurs 16:31 michaelhelm > Seems like the talk (and venue) was targeted somewhat to venture capitalists - maybe side meetings with vendors/VCs/tech leaders in SV happening? 16:31 IDmachines Its through the CertiPath bridge 16:32 Kaliya North American Standards Product Organization 16:32 Kaliya it is an identity vetting standard 16:32 Joni http://www.google.ca/url?sa=t&source=web&cd=2&ved=0CCMQFjAB&url=http%3A%2F%2Fwww.naspo.info%2F&rct=j&q=naspo&ei=v3orTeq5CpKtnge08N3VAQ&usg=AFQjCNHSqxgffY9o5EczDh9tl_0UQxi83A&sig2=ELue8Q2515t65Bv4h6qc6w&cad=rja 16:33 Joni better = http://www.naspo.info/ 16:33 greg_turner any mention of telco as an IdP? and, is US government planning to regulate IdPs it has relationships with? 16:33 PeterCapek North American SECURITY Products Organization.. 16:33 jaynryan IDV is well defined in PKI circles 16:34 jaynryan already equivalent policies to pick from in many cases 16:34 michaelhelm greg_turner: no, and regulation - seemed to be focused on community standards/regulation instead 16:34 jaynryan international breeder documents the exception 16:34 greg_turner thx 16:34 fenton OMB 04-04: m04-04.pdf [View next to chat] 16:35 IDmachines SP800-63V1_0_2.pdf [View next to chat] 16:36 jaynryan financial institutions as relying parties or idp's? 16:36 Peter Verizon is offering a free IDP model for doctors 16:37 jaynryan verizon idp...do you have a link? 16:37 IDmachines Vz acquired Cyuertrust is a shared service provider 16:38 IDmachines ID-MSO.pdf [View next to chat] 16:38 Peter Verizon business services, there's little information there. 16:39 IDmachines Look to cybertrust references its basically a shared service for PKI 16:40 Peter http://www.eweek.com/c/a/Health-Care-IT/Verizon-Offers-Free-Identity-Credentials-for-Medical-Data-Exchange-297686/ 16:41 IDmachines also wells fargo has been cross certified for a long time 16:43 Kaliya we need to send e-mails to these people TODAY 16:44 Kaliya to say we have key people they can talk to about this effort and GET IT RIGHT! 16:44 lena_ I agree 16:45 lena_ any effort from the community to support our position 16:46 Peter So what makes a good story? 16:48 mib_7yfnpa PW@BCGOV: can anyone from privacy commisioner circles be counted on to advocate for user-centric re: privacy protections for online? 16:48 Kaliya who inside government is in working on communications on this? 16:49 Kaliya I mean we should also have on our sites list of people that the media can talk to about NSTIC 16:49 Peter It's coming from FTC 16:49 greg_turner why not say "it will good for the economy" 16:50 Kaliya I agree lena 16:50 colin_nz To Peter Watkins: Privacy Commissioners globally (and their association whose name I can't readily recall) are on board with user centric privacy aware identity from what I see 16:50 PeterCapek I'm capek@ieee.org 16:50 jaynryan yes, good for the economy...the said thing is that we are in a business continuity event, but we shy away from saying so, for the fear that it would create 16:51 jaynryan loss of trust in financial system so no one is sure how much you have in your account .. or get an id ... pick what you would like (marketing is not my forte : ) ) 16:51 mib_7yfnpa pw@bcgov: colin_nz - yes, so it's time for privacy commisioners to say it into the open microphone 16:52 Kaliya What are the Key MESSAGES we have? 16:52 Kaliya I guess this is another thing to think about. 16:52 Kaliya should we work on that on our wiki page? 16:52 colin_nz PW: I'll get Steve Johnston onto it..:-) 16:52 greg_turner "Create new economic opportunities" 16:53 mib_7yfnpa colin: so we need to chat... i'll send email outof band 16:53 Guest28132 Kaliya - can you please post a link to the Wiki? 16:53 Peter Also Commerce is the source of authority (though the MOU with ICANN) for DNS, which is how the e-public regards commercial URL based ID, and what get's phished. 16:54 IDmachines the problem is the level of investment, if this were the equivalent of the national highway system or the stimulus it would be news, 16:54 Kaliya http://wiki.idcommons.net/NSTIC 16:54 mib_7yfnpa pw@bcgov: gawker media flame out was perfect opportunity to show how user-centric is better and then from that how governments can participate by providing people with the identity information it does already today (but only in paper form) 16:54 Kaliya Gov. as convener and Major customers 16:55 jtrentadams Is the first target audience of this education really John Q. Public? 16:55 IDmachines where they are looking to cover their investment is around the 19 billion for healthcare and electronic health records 16:55 jtrentadams Or people a tad more technical who can in turn influence the more general audience? 16:56 Peter +1 on the healthcare issue, Patient ID is covered under HIPPA, but cannot be funded by GOVT 16:56 IDmachines yes but if they don't get ID right it will be a mess 16:56 Peter HIPAA 16:57 IDmachines it certainly helps with HIPAA 16:57 IDmachines or could... 16:57 Peter Congress forbids spending on patient ID, this is a workaround 16:57 Kaliya messages section on Wiki now- 16:57 Kaliya I think we all have different takes - this is OK. we should collect the various frames. 16:58 jaynryan banks would do stronger credentials if the consumers would ask for it 16:58 IDmachines i've always thought that ID is the 21st century version of electricity 16:58 jaynryan how to get consumers to ask for it? 16:59 Peter brand it 16:59 Kaliya but the issue is the word "one" 16:59 MaryR line capacity has been increased 16:59 IDmachines its about trust 17:00 greg_turner more sound bytes... "the safe way to personalize your web experience" 17:00 IDmachines trust me or like me, we have enough of the later and need more of the former 17:00 colin_nz I don't know if it's of any help but today NZ Gov does what NSTIC aims to do. I can understand that the US public may not be wowed by that but at least we have a 150K or so 'igovt logons' as we call them.. 17:00 Kaliya I think a next step is a list of people willing to talk to reporters - their area of expertise. 17:00 smarthart accountability and enforcement needs to be mentioned for trust.. 17:00 Kaliya We also should think about reaching out to the Economist. 17:01 IDmachines I have to go but let me know how I can help @idmachines sa@idmachines.com 17:01 Peter The pain is that certain elements of the current system are very hackable, due to poor user experience 17:01 IDmachines sal@idmachines.com 17:01 mib_7yfnpa ps@govbc: online sites and services will ask you for the identity information they need, you will be able to get that information from the places it comes from, and give it to the sites and services that have asked you for it: safely and with better privacy than you have today 17:01 IDmachines trusted! 17:02 IDmachines I agree they are not scarce they are not widely publicized there is a lot of activity around this 17:02 *** IDmachines quit (Quit: http://www.mibbit.com ajax IRC Client) 17:03 Guest40566 The government recognizes the growing concerns about multiple passwords, identity theft. Accordingly, it is being proactive on behalf of citizens and businesses by convening consumers and the private sector to push them to craft an identity ecosystem. 17:03 smarthart media point: -- > international role and utility of NSTIC 17:04 michaelhelm Kaliya - a resource center/page for NSTIC is needed just for me to explain this to my community - let alone the public/reporters. Useful for all in other words. 17:04 Peter Speakers bureau? 17:06 colin_nz You could say to tech reporters..'NSTIC looks a bit like this"... https://www1.i.govt.nz/cls/static/homepage 17:06 mib_7yfnpa pw@bcgov: we will review the wikipages and contribute as best we can 17:07 mib_7yfnpa pw@bcgov: followup FEB 14 in sanfran? 17:09 smarthart the international angle has media potential that extends this forward and across diverse news networks.. 17:11 *** mib_7yfnpa left #nstic 17:11 *** greg_turner quit (Quit: http://www.mibbit.com ajax IRC Client) 17:13 Peter Are certain players under NDA? 17:15 Guest3037 The NZ igovt page doesn't have anything about decentralized or private sector on front page 17:15 Kaliya http://wiki.idcommons.net/NSTIC 17:16 Joni Kantara Initative can help where we need structure and policy to manage our actions. 17:16 Kaliya Yes 17:16 Joni (where it makes sense) it's something we could support to make sure we're covered. 17:17 *** mib_g80ep8 quit (Quit: http://www.mibbit.com ajax IRC Client) 17:17 *** colin_nz quit (Quit: http://www.mibbit.com ajax IRC Client) 17:17 *** ndk quit (Quit: http://www.mibbit.com ajax IRC Client) 17:17 *** Joni quit (Quit: http://www.mibbit.com ajax IRC Client) 17:17 lena_ catch up more on Wed, bfn ... 17:18 Kaliya yes - I hope that was productive for folks 17:18 Kaliya large numbers of people with sort of broad outlines is a challenge