That's great Sal.

I'm on it now.

Thanks to everyone for their efforts.

Carol

On Mon, Dec 2, 2024 at 3:47 PM Salvatore D'Agostino <sal@idmachines.com> wrote:

Hi Carol,

 

Here are the more narrow comments building on Mark’s edited version as a final draft for the WG.  It is the 3rd sheet now in the workbook.

 

NIST - AVS - Kantara Comments - Google Sheets

 

Thanks for your support in providing these.

 

The WG is in copy.

 

Kind regards,

 

Sal

 

 

 

 

From: Carol Buttle <carol@kantarainitiative.org>
Sent: Monday, December 2, 2024 9:18 AM
To: Salvatore D'Agostino <sal@idmachines.com>
Cc: Kay Chopard <kay@kantarainitiative.org>; Andrew Hughes <andrewhughes3000@gmail.com>
Subject: Re: NISTIR Comments

 

Hi Sal,

 

Thanks.

 

It was apparent going through how much time and consideration had been given to this.

 

Look forward to anything else you have. I can go through and then we can get staff to submit as Kay suggests and keep the deadline.

 

Carol

 

On Mon, Dec 2, 2024 at 1:32PM Salvatore D'Agostino <sal@idmachines.com> wrote:

That is great news.

 

Yes please put those forward, the WG has put in a lot of effort on this.

 

We have gone even further on some of these drilling down on how our Transparency Performance Record and its need, and also into the confusion between consent and permission.

 

If you give me another hour I can share those with you as well.

 

Anyone want a turkey sandwich?

 

Cheers,

Sal

 

 

 

From: Kay Chopard <kay@kantarainitiative.org>
Sent: Monday, December 2, 2024 8:20 AM
To: Carol Buttle <carol@kantarainitiative.org>
Cc: Salvatore D'Agostino <sal@idmachines.com>; Andrew Hughes <andrewhughes3000@gmail.com>
Subject: Re: NISTIR Comments

 

I think we should submit these as Kantara comments. 

 

Shall I have staff submit this in that case? 

 

 

Kay Chopard

Executive Director 

Kantara Initiative Inc. 

 

On Dec 2, 2024, at 7:52AM, Carol Buttle <carol@kantarainitiative.org> wrote:



Hi Salvatore,

 

Thanks for compiling the NISTIR comments.

As promised I have reviewed.

 

I've taken the liberty of cleaning up some of the comments and addressing typos etc.

 

I agree with the comments you have collated. Especially this whole thing of 'user' vs. 'Citizen'

As for consent, besides 29100 they could also have taken some best practice from other jurisdictions on privacy principles, perhaps even ISO 27701.

 

Names being non-validated due to apostrophe's or hyphenated are also a bone of contention with me, suggests people don't understand how to create either attributes, data schemas or credentials that encompass multiple scenarios.

 

Thanks,

 

Carol

 

--

Carol Buttle | Chief Technology Officer

 

Mobile:    +44 (0)7747 882435

LinkedIn:  @KantaraInitiative

<image.png>