[OpenID board] OIDF Executive Director's UPDATE: Government Adoption of OpenID: Certification

Don Thibeau (OIDF ED) don at oidf.org
Mon Nov 23 12:00:44 UTC 2009


This is to bring the OpenID Board up to date on the latest developments with
our OpenID certification initiative. 

 

Since March of this year, the OpenID and the Information Card Foundations
have collaborated on responding to US government identity standards adoption
and certification requirements. In September 2009 the U.S. General Services
Administration (GSA) established a
<http://www.idmanagement.gov/documents/TrustFrameworkProviderAdoptionProcess
.pdf> Trust Framework Provider Adoption Process (TFPAP) as a key step to
enable citizens to easily and safely engage with government websites.  The
impact of our work with the government can be seen in the first set of
deliverables at  <http://www.IDmanagement.gov> www.IDmanagement.gov.  As a
result of following the government's Identity Scheme Adoption Process (ISAP)
and Trust Framework Provider Adoption Process (TFPAP) process; the OpenID
and information Card profiles have been completed under the ISAP process.

 

Two weeks ago at the OpenID Summit and again at the Internet Identity
Workshop (IIW), we asked the community at large to help design our approach,
challenge our assumptions and focus our vision.  Immediately after IIW, the
Boards of Directors of the OpenID Foundation and the Information Card
Foundation agreed to form a "joint steering committee"  (JSC) to refine
strategic goals, investigate operational alternatives, and guide deployment
planning for what we have called the Open Identity Framework or OIF. The
Steering Committee is composed of four representatives of companies that are
members of both foundations and four community representatives including the
Chairmen of both foundation boards.  The joint steering committee reviewed
the request for information and weighed the tradeoffs of outsourcing versus
those strategic (In-Sourced) program elements.  The JSC has fast tracked the
process of choosing OIF development partners and expects a report in 30
days. The JSC plans to quickly report its findings and recommendations to
the two boards to set a course of action by year's end. 

 

On behalf of the JCS, a request for information was sent today to Kantara,
OASIS, Protiviti, InCommon, Global Inventures, and FuGen with an information
copy to VeriSign.  This request for information has three objectives; to
solicit informed collaboration, to identify a short list of potential
partners and continue to evolve our thinking.  We attached supplemental
materials to fully describe our plans.  The JSC selection criteria are
likely to focus on cost efficiencies, execution synergies and compatible
"business models."  Just as we have reached out to the community at IIW and
future partners through the RFI.  We have also taken care to understand best
practices in legal and policy interop. We are working with lawyers close to
the ABA Federated Identity Legal Task Force at
<http://www.abanet.org/dch/committee.cfm?com=CL320041&edit=0>
http://www.abanet.org/dch/committee.cfm?com=CL320041&edit=0  The policy
aspects of certification importantly involve privacy and user protections.
At the suggestion of the White House National Security Staff, we are
soliciting legal and policy analysis from the Center from Democracy and
Technology.  You may have an interest in their notes at
<http://cdt.org/policy/cdt-discusses-key-policies-issues-surrounding-user-ce
ntric-identity-management>
http://cdt.org/policy/cdt-discusses-key-policies-issues-surrounding-user-cen
tric-identity-management  We are always mindful of the domain expertise and
assets VeriSign has in this space. Nico Popp is a thought leader in this
space and his blog post on this subject at
<http://blogs.verisign.com/innovation/>
http://blogs.verisign.com/innovation/

 

Our next public exposure of these concepts is at the National Institutes of
Health (NIH) forum on "Identity and Trust: Enabling Collaboration in a
Connected World" on December 10th, 2009. The purpose of this forum is to
educate the NIH and government communities about federal-wide efforts to
enable identity management to collaborate in new ways. We plan to make the
case that open identity standards such as OpenID and Information Card will
allow users-both within the government and in academia and the research
community-to use a single set of credentials to access a variety of
electronic resources at NIH and beyond. 

Board Action Items 

 

I have attached a PowerPoint that gives a high level look at the
certification work in progress.  While the work of the Joint Steering
Committee is in flight several other key activities are also underway.  The
voting process for new community board members is of great importance. Brian
Kissel has been leading a 2010 priorities survey and assembling a
comprehensive IdP/OP Capabilities Matrix that give a first of its kind
picture of this part of the identity ecosystem. The vote of the revised IPR
Process Document has been restarted in order to increase member
participation.  Have a great Thanksgiving. 

 

Don Thibeau

don at OIDF.org

Executive Director

The OpenID Foundation

http://openid.net

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-board/attachments/20091123/c1bc9ecf/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: oif-overview-v11.ppt
Type: application/vnd.ms-powerpoint
Size: 3396096 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-board/attachments/20091123/c1bc9ecf/attachment-0001.ppt>


More information about the board mailing list