Wiki

Clone wiki

ekyc-ida / eKYC-IDA_Meeting_Notes_2020-01-15

Agenda

  • F2F London
  • Discussion of potential liaisons (e.g. FIDO, ETSi)
  • Conformance tests
  • Work through the existing tickets

Attendees:

  • Torsten Lodderstedt
  • Daniel Fett
  • Dima Postnikov
  • John Callahan
  • Kosuke Koiwai
  • Lee McGovern
  • Marcos Sanz
  • Marcus Almgren
  • Mark Haine
  • Naohiro Fujie
  • Takahiko Kawasaki
  • Wesley Dunnington
  • Achim Schlosser
  • Anthony Nadalin
  • Azusa Kikuchi
  • Roland Hedberg
  • Alberto Pulido

F2F London - item paused since Don is not present

Discussion of potential liaisons (e.g. FIDO, ETSi)

  • TorstenL would like to gather thoughts
  • AnthonyN - FIDO is looking at fast re-proofing to permit addition of secondary methods so not through electronic claims. Cojuld be linked with eKYC to soem extent but not with claims - propose we wait and see how that effort develops. There is only activity on gathering requirements
  • AnthonyN - suggests engagememt with ISO SC17 Working group 10 - Mobile Driving Licenses - at an ISO plenary in March
  • DimaP - Fido is looking at recovery processes - chat: ```Identity Verification & Binding Working Group Overview

  • For accounts protected from phishing and other credential-based attacks with FIDO Authentication, the account recovery process when a FIDO device is lost or stolen becomes critical to maintaining the integrity of the user’s account. Validating a user’s identity with high assurance is an important aspect of this process, as well as for account onboarding processes, meeting Know Your Customer (KYC) and Anti-Money Laundering (AML) requirements.

  • The FIDO Alliance has identified newer remote, possession-based techniques including biometric “selfie” matching and government-issued identity document authentication as having the potential to greatly improve the quality of identity assurance for new account onboarding and account recovery. The Alliance has also determined a market need for authoritative guidance, performance evaluation and certifications for their use.

  • The FIDO Alliance has created the IDWG to fill this need. The IDWG will define criteria for re```

  • AnthonyN - shouldn’t be hard to establish a stronger enaggement when the appropriate time arises

  • AnthonyN - Add this working group for notification to ISO SC17

  • TorstenL - suggest we establish a liason with ETSI - as they have started to work towards a standard for identity proofing - it would be useful if this group appears in the report - TorstenL will take care of that

  • AnthonyN - don’t forget W3C verifiable credentials working group - it is in maintenance mode - recommendation: AnthonyN - just keep an eye on that

Conformance tests

  • TorstenL :What does it take in this space?
  • RolandH: Suggestion is that comparison of implementations as well as

Known implementations in progress:

  • Marcos (ID4me),
  • Vladimir (Connect2id)
  • Taka (Authlete)
  • Roland working on implementation,
  • 3 in ‘yes’ ecosystem
  • Curity (?)

  • MacrosS - Helpful for potential interop workshops, to know whom to invite

  • TorstenL will send a message to the list and document it

Work through the existing tickets

Intent is to go through and categorise Issues

Issues discussed were

  • #1068 openid / ekyc-ida / issues / #1068 - Follow ISO rules (ISO Directive Part 2 and global relevance documents) on the drafting — Bitbucket
  • #1069 closed no objections - openid / ekyc-ida / issues / #1069 - Identity Assurance Section 5.1 on reason for request — Bitbucket
  • #1077 openid / ekyc-ida / issues / #1077 - Identity Assurance - Need Input from other Jurisdictions — Bitbucket
    • DimaP will seek feedback on this point from Australia,
    • MarcusA will seek feedback from Scandinavia,
    • MaciejM will seek feedback in UK,
    • TorstenL will send out a not seeking further feedback
  • #1078 closed with no objections openid / ekyc-ida / issues / #1078 - Identity Assurance - Incorporate EU/EC KYC Token work — Bitbucket,
    • TorstenL spoke to an EU expert and this seems to be a bias to SAML but that what we are doing supports their goals
    • Propose close as Torsten will take it forward with ETSi
  • #1088 openid / ekyc-ida / issues / #1088 - register new claims in OAuth Token Introspection Response Registry — Bitbucket
    • TorstenL suggests updating the JWT claims spec,
    • MarkH will do this with support from TorstenL
  • #1093 openid / ekyc-ida / issues / #1093 - Extensibility: how do we support extensibility for trust frameworks, evidence types, verification methods and id documents? — Bitbucket
    • AnthonyN - will develop a proposal for an IANA regsitry
  • #1094 openid / ekyc-ida / issues / #1094 - How to treat unknown identifiers in claims parameter — Bitbucket
    • MarcosS took action to review and make a proposal
  • #1097 openid / ekyc-ida / issues / #1097 - Include Legal Persons — Bitbucket
    • MarcusA is concerned about the complexity of identifying the Unique beneficial entity
    • AnthonyN seconded that view
    • TorstenL The feeling is that there is a desire to do this but push it back and come back to this topic if we have the capacity and expertiese
  • #1098 openid / ekyc-ida / issues / #1098 - Add verification_score — Bitbucket
  • #1100 openid / ekyc-ida / issues / #1100 - Analyse ISO 29003 — Bitbucket
    • AnthonyN - we should use ISO29003 as a guide

Updated