NSTIC/CallLog-2011-01-07

From IdCommons

Log of mibbit.com ir channel on 2011-01-07 call

16:03		*** Jay_Unger joined #nstic
16:03		*** PeterCapek joined #nstic
16:03		*** maryhodder joined #nstic
16:03		*** mib_47v4hj joined #nstic
16:03		*** gunther joined #nstic
16:04		*** mib_47v4hj quit (Quit: http://www.mibbit.com ajax IRC Client)
16:04		*** bob_p joined #nstic
16:04		*** jeff joined #nstic
16:04		*** michaelhelm joined #nstic
16:04		*** jtrentadams joined #nstic
16:04		*** Peter joined #nstic
16:04		*** MaryR joined #nstic
16:04		*** fenton joined #nstic
16:04		*** gunther quit (Quit: http://www.mibbit.com ajax IRC Client)
16:04		*** Joni joined #nstic
16:05		*** jeff is now known as Guest40566
16:05		*** karen joined #nstic
16:05		*** Alan joined #nstic
16:06		*** mib_7yfnpa joined #nstic
16:06		*** mib_g80ep8 joined #nstic
16:06		*** greg_turner joined #nstic
16:06		*** ndk joined #nstic
16:06		*** colin_nz joined #nstic
16:06		*** Alan is now known as Guest28132
16:07		*** lena_ joined #nstic
16:08	mib_7yfnpa  hello
16:09	Kaliya      Hi
16:09	maryhodder  hi
16:10	fenton      anyone who wants to can introduce themselves this way as well.
16:10		*** mib_7yfnpa left #nstic
16:10		*** mib_7yfnpa joined #nstic
16:11	lena_       hi all
16:11	Joni        Hi Lena!
16:11	Joni        Hi All
16:13	michaelhelm I was at the event too - having it settled that Commerce is hosting this is the news. Not much info on how the government itself interacts with NSTIC!
16:14	jtrentadams I hear that the dial-in number is saturated.
16:14	IDmachines  I agree with that, it was surprising that it wasn't DHS since they were driving the initial outreach.
16:14	Kaliya      yeah -also heard that.
16:14	jtrentadams Since no one else is able to get in... would it make sense to record this?
16:14	Kaliya      maybe
16:15	Kaliya      does this bridge have a limit?
16:15	jtrentadams I think the max is 25 participants
16:15		*** smarthart joined #nstic
16:15	Kaliya      oooh
16:15	Kaliya      ok. didn't know that
16:16	colin_nz    Was there mention of ICAM and how it would play a role?
16:17	michaelhelm That would have been my question if there had been time. I asked Dr Gallagher about that afterwords, not much info. yet....
16:17	colin_nz    'K..thanks
16:19	Jay_Unger   Mary Ruddy says the bridge should not be limited to 25. Tell people who are having trouble to try again.
16:20	smarthart   Thanks have been able to get on now...
16:21	michaelhelm Is the Admin in danger of losing control of the message of NSTIC, like what happened to other things in the past 18 mos?
16:22	michaelhelm Could someone post a link to the article (CTS?) cited in the call? Thanks.
16:22	Guest3037   still can't get on
16:22	Kaliya      Where are the relying party.
16:23	Kaliya      I am taking some notes - so we can summarize calls.
16:23	jaynryan    yes, the CTS or CBS links...can someone post
16:23	Guest3037   Some news articles are on the wiki page at http://wiki.idcommons.net/NSTIC
16:23	colin_nz    http://www.cbsnews.com/8301-501465_162-20027837-501465.html
16:24	PeterCapek  What Colin just posted was the article mentioned on Farber's list.
16:24	Kaliya      graet.
16:24	IDmachines  Citibank just got certified as an issuer at level 4 under the PIV-I framework, they are there, there are multiple other examples, NSTIC is different from policy
16:24	Kaliya      wow
16:25	Kaliya      where is a link for that
16:25	Kaliya      ICAM was not mentioned - no specifics really.
16:25	Kaliya      I wrote this last night. http://www.fastcompany.com/1715659/national-identity-cyberspace-why-we-shouldnt-freak-out-about-nstic
16:26	Kaliya      got a call from Globe and Mail (the NYTimes of Canada) to explain what it was to him.
16:26	IDmachines  its via CertiPath Bridge,http://www.woio.com/Global/story.asp?S=13629805 not sure the Federal Bridge Certificate Authority is updated yet
16:27	jaynryan    for PIV-I, application doesn't mean cross-certified
16:29	jaynryan    [for those there] A lot of talking for about 2-3 years now in our communities. Was there any talk about implenting? The threats are real, but I see too much talk in so many of the committees I attend
16:29	Pete        Seems like the talk (and venue) was targeted somewhat to venture capitalists to say the government is on board with the general concepts
16:30	colin_nz    ..so Identity proofing has to be standardised if an RP is to trust it (e.g. a school identity). Any word of IDV /NASPO?
16:31	maryhodder  Peter.. yes it was directed toward SV VCs and entrepreneurs
16:31	michaelhelm > Seems like the talk (and venue) was targeted somewhat to venture capitalists - maybe side meetings with vendors/VCs/tech leaders in SV happening?
16:31	IDmachines  Its through the CertiPath bridge
16:32	Kaliya      North American Standards Product Organization
16:32	Kaliya      it is an identity vetting standard
16:32	Joni        http://www.google.ca/url?sa=t&source=web&cd=2&ved=0CCMQFjAB&url=http%3A%2F%2Fwww.naspo.info%2F&rct=j&q=naspo&ei=v3orTeq5CpKtnge08N3VAQ&usg=AFQjCNHSqxgffY9o5EczDh9tl_0UQxi83A&sig2=ELue8Q2515t65Bv4h6qc6w&cad=rja
16:33	Joni        better = http://www.naspo.info/
16:33	greg_turner any mention of telco as an IdP? and, is US government planning to regulate IdPs it has relationships with?
16:33	PeterCapek  North American SECURITY Products Organization..
16:33	jaynryan    IDV is well defined in PKI circles
16:34	jaynryan    already equivalent policies to pick from in many cases
16:34	michaelhelm greg_turner: no, and regulation - seemed to be focused on community standards/regulation instead
16:34	jaynryan    international breeder documents the exception
16:34	greg_turner thx
16:34	fenton      OMB 04-04: m04-04.pdf [View next to chat]
16:35	IDmachines  SP800-63V1_0_2.pdf [View next to chat]
16:36	jaynryan    financial institutions as relying parties or idp's?
16:36	Peter       Verizon is offering a free IDP model for doctors
16:37	jaynryan    verizon idp...do you have a link?
16:37	IDmachines  Vz acquired Cyuertrust is a shared service provider
16:38	IDmachines  ID-MSO.pdf [View next to chat]
16:38	Peter       Verizon business services, there's little information there.
16:39	IDmachines  Look to cybertrust references its basically a shared service for PKI
16:40	Peter       http://www.eweek.com/c/a/Health-Care-IT/Verizon-Offers-Free-Identity-Credentials-for-Medical-Data-Exchange-297686/
16:41	IDmachines  also wells fargo has been cross certified for a long time
16:43	Kaliya      we need to send e-mails to these people TODAY
16:44	Kaliya      to say we have key people they can talk to about this effort and GET IT RIGHT!
16:44	lena_       I agree
16:45	lena_       any effort from the community to support our position
16:46	Peter       So what makes a good story?
16:48	mib_7yfnpa  PW@BCGOV: can anyone from privacy commisioner circles be counted on to advocate for user-centric re: privacy protections for online?
16:48	Kaliya      who inside government is in working on communications on this?
16:49	Kaliya      I mean we should also have on our sites list of people that the media can talk to about NSTIC
16:49	Peter       It's coming from FTC
16:49	greg_turner why not say "it will good for the economy"
16:50	Kaliya      I agree lena
16:50	colin_nz    To Peter Watkins: Privacy Commissioners globally (and their association whose name I can't readily recall) are on board with user centric privacy aware identity from what I see
16:50	PeterCapek  I'm capek@ieee.org
16:50	jaynryan    yes, good for the economy...the said thing is that we are in a business continuity event, but we shy away from saying so, for the fear that it would create
16:51	jaynryan    loss of trust in financial system so no one is sure how much you have in your account .. or get an id ... pick what you would like (marketing is not my forte : ) )
16:51	mib_7yfnpa  pw@bcgov: colin_nz - yes, so it's time for privacy commisioners to say it into the open microphone
16:52	Kaliya      What are the Key MESSAGES we have?
16:52	Kaliya      I guess this is another thing to think about.
16:52	Kaliya      should we work on that on our wiki page?
16:52	colin_nz    PW: I'll get Steve Johnston onto it..:-)
16:52	greg_turner "Create new economic opportunities"
16:53	mib_7yfnpa  colin: so we need to chat... i'll send email outof band
16:53	Guest28132  Kaliya - can you please post a link to the Wiki?
16:53	Peter       Also Commerce is the source of authority (though the MOU with ICANN) for DNS, which is how the e-public regards commercial URL based ID, and what get's phished.
16:54	IDmachines  the problem is the level of investment, if this were the equivalent of the national highway system or the stimulus it would be news,
16:54	Kaliya      http://wiki.idcommons.net/NSTIC
16:54	mib_7yfnpa  pw@bcgov: gawker media flame out was perfect opportunity to show how user-centric is better and then from that how governments can participate by providing people with the identity information it does already today (but only in paper form)
16:54	Kaliya      Gov. as convener and Major customers
16:55	jtrentadams Is the first target audience of this education really John Q. Public?
16:55	IDmachines  where they are looking to cover their investment is around the 19 billion for healthcare and electronic health records
16:55	jtrentadams Or people a tad more technical who can in turn influence the more general audience?
16:56	Peter       +1 on the healthcare issue, Patient ID is covered under HIPPA, but cannot be funded by GOVT
16:56	IDmachines  yes but if they don't get ID right it will be a mess
16:56	Peter       HIPAA
16:57	IDmachines  it certainly helps with HIPAA
16:57	IDmachines  or could...
16:57	Peter       Congress forbids spending on patient ID, this is a workaround
16:57	Kaliya      messages section on Wiki now-
16:57	Kaliya      I think we all have different takes - this is OK. we should collect the various frames.
16:58	jaynryan    banks would do stronger credentials if the consumers would ask for it
16:58	IDmachines  i've always thought that ID is the 21st century version of electricity
16:58	jaynryan    how to get consumers to ask for it?
16:59	Peter       brand it
16:59	Kaliya      but the issue is the word "one"
16:59	MaryR       line capacity has been increased
16:59	IDmachines  its about trust
17:00	greg_turner more sound bytes... "the safe way to personalize your web experience"
17:00	IDmachines  trust me or like me, we have enough of the later and need more of the former
17:00	colin_nz    I don't know if it's of any help but today NZ Gov does what NSTIC aims to do. I can understand that the US public may not be wowed by that but at least we have a 150K or so 'igovt logons' as we call them..
17:00	Kaliya      I think a next step is a list of people willing to talk to reporters - their area of expertise.
17:00	smarthart   accountability and enforcement needs to be mentioned for trust..
17:00	Kaliya      We also should think about reaching out to the Economist.
17:01	IDmachines  I have to go but let me know how I can help @idmachines sa@idmachines.com
17:01	Peter       The pain is that certain elements of the current system are very hackable, due to poor user experience
17:01	IDmachines  sal@idmachines.com
17:01	mib_7yfnpa  ps@govbc: online sites and services will ask you for the identity information they need, you will be able to get that information from the places it comes from, and give it to the sites and services that have asked you for it: safely and with better privacy than you have today
17:01	IDmachines  trusted!
17:02	IDmachines  I agree they are not scarce they are not widely publicized there is a lot of activity around this
17:02		*** IDmachines quit (Quit: http://www.mibbit.com ajax IRC Client)
17:03	Guest40566  The government recognizes the growing concerns about multiple passwords, identity theft. Accordingly, it is being proactive on behalf of citizens and businesses by convening consumers and the private sector to push them to craft an identity ecosystem.
17:03	smarthart   media point: -- > international role and utility of NSTIC
17:04	michaelhelm Kaliya - a resource center/page for NSTIC is needed just for me to explain this to my community - let alone the public/reporters. Useful for all in other words.
17:04	Peter       Speakers bureau?
17:06	colin_nz    You could say to tech reporters..'NSTIC looks a bit like this"... https://www1.i.govt.nz/cls/static/homepage
17:06	mib_7yfnpa  pw@bcgov: we will review the wikipages and contribute as best we can
17:07	mib_7yfnpa  pw@bcgov: followup FEB 14 in sanfran?
17:09	smarthart   the international angle has media potential that extends this forward and across diverse news networks..
17:11		*** mib_7yfnpa left #nstic
17:11		*** greg_turner quit (Quit: http://www.mibbit.com ajax IRC Client)
17:13	Peter       Are certain players under NDA?
17:15	Guest3037   The NZ igovt page doesn't have anything about decentralized or private sector on front page
17:15	Kaliya      http://wiki.idcommons.net/NSTIC
17:16	Joni        Kantara Initative can help where we need structure and policy to manage our actions.
17:16	Kaliya      Yes
17:16	Joni        (where it makes sense) it's something we could support to make sure we're covered.
17:17		*** mib_g80ep8 quit (Quit: http://www.mibbit.com ajax IRC Client)
17:17		*** colin_nz quit (Quit: http://www.mibbit.com ajax IRC Client)
17:17		*** ndk quit (Quit: http://www.mibbit.com ajax IRC Client)
17:17		*** Joni quit (Quit: http://www.mibbit.com ajax IRC Client)
17:17	lena_       catch up more on Wed, bfn ...
17:18	Kaliya      yes - I hope that was productive for folks
17:18	Kaliya      large numbers of people with sort of broad outlines is a challenge