I, like many others, have been lurking on this conversation. I debated
whether or not to say what follows and finally decided that I needed to
express my opinion.
To set some context, I have always tried to live my life in a manner that
treats all people, regardless of race, creed, colour, gender, ethnicity,
etc, as equals with the right to express their opinion and have it heard.
In addition I have also tried to proactively expose bias and discrimination
for what they are.
This being said, I have had concerns with the conversation in some of the
email threads associated with the Code of Conduct. I strongly believe that
the problems of non inclusion as evidenced by biased or discriminatory
actions MUST not be condoned by ID professionals either in their actions or
in the solutions they develop. However, I do not believe that the ID
profession can, or should, set the bar on basic human rights. Rather, I
believe ID professionals should affirm their belief in basic human rights.
To me, the email threads have seemed like participants wanted the Code of
Conduct to have specifics to address challenges like these that, in my
opinion, go beyond the specifics of a professional in the Identity Space.
To that point, I agree with Chris concerning focus or, as a corollary, not
trying to solve all the world's issues in the Code of Conduct. I would
suggest rather that, as part of implementing of the Code of Conduct, a peer
review process needs to be established to deal with violations. That is the
mechanism, in my opinion, that should address unethical behaviours such as
bias and discrimination. It is also important to establish oversight of
this peer review process, and of those involved in conducting it, in order
to ensure that the process does not overlook, ignore, or even condone
unethical behaviour.
I also agree fully with others concerning the need for brevity and
simplicity in stating the Code of Conduct. Those features, as evidenced by
the longevity of the ACM code, lead to a lasting solution that stands the
test of time.
Ken
On Tue, Dec 13, 2016 at 1:08 PM Chris Phillips
wrote:
Normally I'm silent on saying I won't make the call but I'm the one that
brought up the CISSP Code and won't be there and welcome dialogue on this
in order for it to 'be considered'.
In a nutshell, my *perception *is there's a lot of 'be a good human being
and be professional to each other' in the IDPro code and to me that's a
given. (if it isn't, that's a problem in a bigger context, not just in this
one)
If that’s a given, what is *SPECIFIC* to an Identity expert that is
distinguishing and something that people can rally around? Will we resonate
with people and hear them say 'Yeah, I support that' or 'Yeah, that's
what I do around identity!' and 'I want to associate myself with this group
because I subscribe to their
approach/doctrine/techniques/mission/vision/values/goals/etc'.
To me things can distill down to focus. CISSP is a/has a broad surface of
security and associated principles which can include identity and best
practices topics whereas an identity expert is that but as applied in the
identity space with more focus on principles around identity and their
application. An IDPro can be at least minimally a capable CISSP, but more
specialized in the identity space.
I hope these thoughts make sense — let me know if I'm off the mark as I
currently don't have access to the wiki
As always, thoughts welcome..
Chris.
From: on behalf of Scott Shorter <
scott.shorter@kuma.pro>
Date: Tuesday, December 13, 2016 at 12:09 PM
To: Megan Cannon , "
dg-idpro@kantarainitiative.org"
Subject: Re: [DG-IDPro] Reminder: Kantara ID Pro Code of Conduct Meeting
today 2pm ET
Thank you Megan.
Agenda:
1.
Review the draft in light of the comments on the discussion list.
1. Questions raised on the list:
1. Will the organization be providing training on what it means to
achieve the objectives in the code? (A: seems to be an emerging consensus
towards yes)
2. Are there any responsibilities to maintain compliance metrics such
as David C's experience with the Athena Swan award process? (A: haven't
heard anyone
say yes to this)
3. Have we considered the
CISSP / ISC2 Code of Ethics https://www.isc2.org/ethics/default.aspx?
(A: at least one reviewer did look at that one yes)
2. Suggestions to the code of conduct from the list
1. Be more vague about the completeness of enumerated lists.
2. Be more explicit about "do no harm"
1. Q: What does harm mean?
Looking forward to the call!
-
Scott
*From: * on behalf of Megan Cannon <
megan@kantarainitiative.org>
*Date: *Tuesday, December 13, 2016 at 10:32 AM
*To: *"dg-idpro@kantarainitiative.org"
*Subject: *[DG-IDPro] Reminder: Kantara ID Pro Code of Conduct Meeting
today 2pm ET
Please join us for today's Code of Conduct Meeting:
*Code of Conduct*
*Tuesday, December 13, 2016*
*2:00pm to 3:00pm Eastern*
*Please join my meeting from your computer, tablet or smartphone.*
https://global.gotomeeting.com/join/493642077
*You can also dial in using your phone.*
United States +1 (312) 757-3129
*Access Code:* 493-642-077
*More phone numbers*
Australia +61 2 8355 1040
Austria +43 7 2088 0034
Belgium +32 (0) 28 93 7018
Canada +1 (647) 497-9391
Denmark +45 69 91 89 28
Finland +358 (0) 923 17 0568
France +33 (0) 170 950 594
Germany +49 (0) 692 5736 7211
Ireland +353 (0) 15 360 728
Italy +39 0 247 92 13 01
Netherlands +31 (0) 208 080 219
New Zealand +64 9 280 6302
Norway +47 75 80 32 07
Spain +34 955 32 0845
Sweden +46 (0) 853 527 836
Switzerland +41 (0) 435 0167 13
United Kingdom +44 (0) 330 221 0088
First GoToMeeting? Try a test session: http://help.citrix.com/getready
http://help.citrix.com/getready
_______________________________________________
DG-IDPro mailing list
DG-IDPro@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/dg-idpro
--
Kenneth Dagg Independent Consultant Identification and Authentication
613-825-2091 kendaggtbs@gmail.com