Govt of Canada consultation – GoC is holding a ‘Cyber Authentication Renewal Program Industry Consultation’ Feb 16 & 17th. They are hoping to obtain industry input, posing the following questions
- What options could be considered for becoming a member of the GC Credential Federation?
- Does the Kantara Identity Assurance Framework certification criteria and process pose a good option to model?
- How are risks allocated?
- What liability model is acceptable?
- What indemnity model is acceptable?
- What are the Terms and Conditions around liability used by industry with other customers / partners?
- Can Canada have access to records to investigate/prosecute fraud or allegations if a credential has been improperly used?
- What branding / co-branding is wanted?
- Does the Crown’s use of your credential increase your risk profile?
- Are there potential impacts on your privacy practices from the Crown’s use of your credential?
- Do you anticipate that you will need to collect additional information because of the Crown’s use of your credential?
- Is there interest in participating in the GC Credential Federation (GCCF)? If yes, would the arrangement be a contractual relationship or another type of agreement?
- Are there other concerns?
Security Valley will by this posting coordinate a response.