December 13, 2016 UXC Meeting Page

From IDESG Wiki
Revision as of 03:51, 28 June 2018 by Omaerz (talk | contribs) (5 revisions imported: Initial Upload of old pages from IDESG Wiki)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

USER EXPERIENCE COMMITTEE MEETING NOTES


Attendees:

  • Mary Hodder
  • Tom Jones
  • Ellen Nadeau
  • Paul Knight
  • Linda Braun, Global Inventures


  • Meeting Minutes
    • No minutes were approved

Meeting Notes

  • Agenda
  • Current Work and Activities Discussion:


  • The team continued the discussion and reviewed work that Tom Jones has been doing to define how IDESG might replace our Relying Party system on IDESG.org, IDEFRegistry.org and our Wiki for a version that does it right.
  • Before Tom started his review, Mary discussed what guidelines we could offer other orgs, big and small, about how they might also do an identity system that acts as a relying party, includes attributes important to their org, and is in sync with the IDEF Requirements, as well as give them a sample system in github.
  • UXC can support this effort by helping to spec out the product requirements from a UX perspective with the notion that privacy and security groups will want to weigh in.
  • This could be run overall as a project through the IDEF Registry group coordinating with UXC, Privacy and Security for requirements and the Guidelines docs and overseeing the building of a system later, because the IDEF Registry group has been doing our "product work" so far.
  • Tom Jones started the review of the site. See Best Practices and Example for RP System (Tom Jones) (https://wiki.idesg.org/wiki/index.php?title=Best_Practices_and_Example_for_RP_System)
  • This site includes design thinking and Tom’s working notes, so it is suggested people go to the site to understand the current thinking about the site.
  • The goals set out the needs and constraints on an example for use by a Relying Party (RP) systems design:
  • Provide web sites guidelines and an example of code that can be used: (in order of priority)
    • to provide an example that can be used by any website to more easily achieve IDESG compliance
    • to create an IDESG compliant Relying Party website so that the IDESG can be a paradigm for its own principles
    • to create a database of site members that can be used to create identity claims for various IDESG sites and activities
  • Support federation to more than one external widely used or IDESG compliant Identity Providers (IdPs).Support two factor authentication
  • Provide in-line guidance in the example code of the IDEF requirements that a developer of any website can apply
  • Support various stake-holders of IDESG, such as Healthcare and Government
  • Jim Kragh offered his input from a Healthcare perspective on a number of areas.
  • Ellen Nadeau volunteered to provide some language on Redress from a privacy control perspective. 800-53 revision 4.
  • Membership – Tom will update information for the membership page.
  • Jim Kragh will send a commission report on authenticated user in Healthcare.
  • Chat: Ellen@All: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf
    • Ellen@All: Redress is control IP-3, in appendix J
  • Mary to get scale-free icons for Tom in any vector size.
  • Tom Jones asked for input from the rest of the UXC team before next meeting.


11. Adjourn 1:00p.m. EDT

  • Next meeting is scheduled for December 20, 2016.