Hey Folks Attached a draft beta pre-finalization of the BoK. The basic idea is to have something to be discussed as a pre-final version, which can be used to take the next step: the development of the BoK Content itself (or the structures to allow it grow and develop) Comments are welcome! PS: Apart from the 'Authentication' section, I have removed /reworked the stuff that was available as comments. If you miss your comment: sorry. Just add it back, but remember to check if the idea / stuff you have in mind is not already handled in one of the sections/slices. I recommend that we discuss this in next weeks call; maybe we get enough infos to 'close' the authentication section as well then Thorsten
1. There should probably be a glossary. Whats the difference between a Subject and a User? Whats a policy? etc. 2. Agree with the comment that Authentication and Proofing should not be covered at the same time. Authentication should be a transaction focussed discussion where proofing is a data management discussion. 3. What about adding NIST 800-53 as a standard for identity and authorization? 4. In addition to standards mentioned, think we should include patterns (and anti-patterns)? ie on the Authentication side talking about integration you have header injection patterns (or anti-pattern depending on your opinion) and on the data side you have sync and virtual patterns. On Mon, Jun 19, 2017 at 3:30 PM Thorsten H. Niebuhr [WedaCon GmbH] < tniebuhr@wedacon.net> wrote:
Hey Folks
Attached a draft beta pre-finalization of the BoK. The basic idea is to have something to be discussed as a pre-final version, which can be used to take the next step: the development of the BoK Content itself (or the structures to allow it grow and develop)
Comments are welcome!
PS: Apart from the 'Authentication' section, I have removed /reworked the stuff that was available as comments. If you miss your comment: sorry. Just add it back, but remember to check if the idea / stuff you have in mind is not already handled in one of the sections/slices.
I recommend that we discuss this in next weeks call; maybe we get enough infos to 'close' the authentication section as well then Thorsten
_______________________________________________ DG-IDPro mailing list DG-IDPro@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idpro
-- Marc Boorshtein CTO Tremolo Security marc.boorshtein@tremolosecurity.com (703) 828-4902 Twitter - @mlbiam / @tremolosecurity
Hi @all We would like to do a 'finalization' call on 2017-07-17 to discuss/ agree on the final doc (based on the pre-final I have sent out a few weeks ago) I have also created a new GoogleDoc from it, which you can find here and comment on it. https://docs.google.com/document/d/1QG_F4DRHFxzc5GDv6P6tEqfJitai5xP6QfZO_zUn... Furthermore, I have (quick and dirty) set up a knowledge-management System (more or less a simple collector), which can be reached via the link below. The system is a simple (but very nice) tool to collect links and docs to certain topics; comment on them and tagging it https://crm.identity-experts.net:30443/knowledge/open.knowledge/list please note: * This one is really quicky and dirty right now o self-signed cert o cant sent mails + which requires you to register; I will check periodically to accept the registrations to enable your login Thanks, Thorsten On 06/19/2017 09:30 PM, Thorsten H. Niebuhr [WedaCon GmbH] wrote:
Hey Folks
Attached a draft beta pre-finalization of the BoK. The basic idea is to have something to be discussed as a pre-final version, which can be used to take the next step: the development of the BoK Content itself (or the structures to allow it grow and develop)
Comments are welcome!
PS: Apart from the 'Authentication' section, I have removed /reworked the stuff that was available as comments. If you miss your comment: sorry. Just add it back, but remember to check if the idea / stuff you have in mind is not already handled in one of the sections/slices.
I recommend that we discuss this in next weeks call; maybe we get enough infos to 'close' the authentication section as well then
Thorsten
participants (2)
-
Marc Boorshtein -
Thorsten H. Niebuhr [WedaCon GmbH]