Taxonomy AHG Meeting 11/21/2013
Jump to navigation
Jump to search
Quick Links: Taxonomy | Taxonomy Project Management | Taxonomy AHG Catalog | Taxonomy AHG Glossary |
Attendees
| Adam Madlin (Chair) | Ryan Galluzzo | Ben Wilson |
| John Stearns | Mike Garcia | Aestetix |
| Robert Faron | Jim Fenton | Eric Krum |
| Anne Racuya-Robins | Cathy Tilton | Sal D’Agostino |
| Seetharama Durbha | Christopher Spottiswoode | Winthrop Baylies |
| Bev Corwin |
Notes
Objectives/Intro:
- Review and finalize Glossary Release 1.1 and its six associated terms.
- We would like to have this ready for IDESG approval prior to the next plenary session; though Adam pointed out that we will always be able to reconsider terms in the future.
- Winthrop suggested we focus on pseudonymity and anonymity issues.
Glossary Release 1.1
- Adam received an updated set of input around Glossary 1.1 items as well as additions to the Pseudonymity and anonymity issues from Jim Fenton and Mike Garcia.
- Jim Fenton provided the following updated definitions (BOLD):
Attribute: A named quality or characteristic that is claimed to be inherent in or ascribed to an entity.
- There were no objections to the proposed change.
Identifier: Value used to distinguish an identity in a given context.
- Seetharama thinks there is a fundamental disconnect between the AHG’s definitions for identifier and digital identity. If digital identity is unique in a given context, then what is the purpose of an identifier? He suggested the group may need to reconsider their definition of digital identity.
- John Stearns does not understand the use of the word “value” in Jim’s definition.
- Jim sees the identifier as a “tag” that is used in a system to represent an identity. He believes that a digital identity is controlled by an entity (as in that entity controls when it is asserted). He believes that identifier should use “value” rather than an attribute because it does not fit with the AHG’s current definition of attribute; an identifier does not have to be a quality inherent to an entity and it should be opaque.
- Seetharama has an issue with definition of attribute. He does not believe that it has to be anything inherent in the entity; he believes an attribute is simply a name-value pair.
- John believes we will have many identities and many different sets of attributes in order to complete transactions. But, not all attributes will be given to every RP. Each person will have different “values” for different attributes in different transactions.
- Mike believes we should move to “value” in the definition since a value could in fact be an attribute; it is more inclusive. In an identity provider’s system there is a value associated with an identity used to distinguish that identity from others. This definition simply suggests that there is a value in the system that allows that system to know which identity is being used in a specific context.
- Seetharama believes that a value cannot stand on its own; it must be an attribute and it must be a name value pair. He also believes we should be focusing on the “data on the wire” not data within systems.
- Eric agrees that attribute should be used in the definition, but feels we are confusing all the different contexts in which “identifier” may be used; he suggests changing to “attribute value.”
- Jim still believes that the current AHG definition of “attribute” suggests that an attribute gives information about the entity associated with it; he believes that identifiers should give no information about the actual entity.
- Mike suggested an example may clarify things—an identity broker starting a session with an RP on behalf of a subject will typically assign a session id to ensure that all parties know who is in the session and associated interactions—is the session identifier an attribute?
- Seethrama believes it is an attribute as it is a name-value pair. He believes that the current definition of attribute is too narrow; Mike believes the inclusion of “ascribed to” in the current attribute definition allows the above example to be included as an attribute—a deeper question is whether we WANT to consider something like this an attribute.
- Jim does not believe that all name value-pairs are attributes. In his definition, he wanted to be explicit in support opaque identifiers.
- Adam, suggested we continue to use the original definition and include the need to support an opaque identifier as a note; the note for attribute will be updated as well.
- In all definitions we need to replace “identity” with “digital identity.”
- Mike also suggested all “in contexts” should be changed to “in a given context.”
- Seetharama suggested that, perhaps, we need to rethink “digital identity”—perhaps it is not unique it is simply a collection of attributes; the identifier is what is actually unique.
- John Stearns believes we need to have unique in “digital identity”.
Authentication: Process of confirmation of a claimed identity based on valid credentials determining the validity of a credential used to claim an identity.
- John Stearns believes that the term “statistically acceptable” needs to be included in this definition.
Digital Identity: An attribute set that can be uniquely distinguished in a given context and can be used for a digital interaction.
- Jim included mention of a “digital interaction” because of the concept we discussed last week regarding shadow profiles, etc.; the use of attributes to engage in an interaction is what distinguishes an “identity” from a collection of third party information about an entity.
- Jim also noted that we have yet to utilize “token” in any subsequent definitions and is not certain it is a “core” definition. Adam suggested we go forward with the definition in Glossary 1.1 since we have consensus on it.
- Cathy would like to remove the note from “token,” she feels as if it precludes the use of biometrics; she has no issue with the definition itself.
Conclusion
- There needs to be further discussion on many of the terms; Adam re-iterated his goal to have these ready for adoption prior to January Plenary.
- Seetharama will initiate an email thread on changes to “digital identity” and “identifier.”
- Adam would like to get to get through “digital identity” and “authentication” at the next meeting.
- We will not have a meeting next week due to Thanksgiving.
Actions
| Action | Owner | Due | Status |
|---|---|---|---|
| None | N/A | N/A | N/A |
Quick Links: Taxonomy | Taxonomy Project Management | Taxonomy AHG Catalog | Taxonomy AHG Glossary |