Security+and+Privacy+Team

=**Security and Privacy Workgroup**= toc Bridge for 10/26/2012 meeting The eHealth Exchange (formerly known as the NwHIN or Nationwide Health Information Network Exchange) Security and Privacy Workgroup holds a security-focused meeting most Fridays at 2:00pm Eastern Time. The dial-in number is: 1.559.726.1300;244828#. To join the call for free, there is a Skype node connection; search for “freeconferencecallhd.5597261300” and add it as a contact to dial in. For those near your computers (Mac, Windows, or Linux) or with an iOS or Android mobile phone or tablet, you can also view the screen share by going to [] (the meeting name is "ericheflin" if needed).  Proposed Agenda: New CA  - Criteria for new CA  -- Customer Service  -- Managed CA full service provider  -- Wiling to escrow keys (issue dual keys)  -- Willing to issue a new trust ancorh point  - Operations -- 99.99% for revocation serves - FBCA cross certified <span style="background-color: rgba(255,255,255,0.921569); color: #4d4d4d; display: block; font-family: Tahoma,Geneva,sans-serif; font-size: 12px; text-align: -webkit-auto;">-- Internal latency from revocation entry until it's in the CRL and optionally OCSP <span style="background-color: rgba(255,255,255,0.921569); color: #4d4d4d; display: block; font-family: Tahoma,Geneva,sans-serif; font-size: 12px; text-align: -webkit-auto;">- Reliability in terms of the technical cert issuance (does it work!) <span style="background-color: rgba(255,255,255,0.921569); color: #4d4d4d; display: block; font-family: Tahoma,Geneva,sans-serif; font-size: 12px; text-align: -webkit-auto;">- Easy of contracting <span style="background-color: rgba(255,255,255,0.921569); color: #4d4d4d; display: block; font-family: Tahoma,Geneva,sans-serif; font-size: 12px; text-align: -webkit-auto;">- Consistent certs <span style="background-color: rgba(255,255,255,0.921569); color: #4d4d4d; display: block; font-family: Tahoma,Geneva,sans-serif; font-size: 12px; text-align: -webkit-auto;">- Cost <span style="background-color: rgba(255,255,255,0.921569); color: #4d4d4d; display: block; font-family: Tahoma,Geneva,sans-serif; font-size: 12px; text-align: -webkit-auto;">- Ability to validate cert <span style="background-color: rgba(255,255,255,0.921569); color: #4d4d4d; display: block; font-family: Tahoma,Geneva,sans-serif; font-size: 12px; text-align: -webkit-auto;">- ocsp <span style="background-color: rgba(255,255,255,0.921569); color: #4d4d4d; display: block; font-family: Tahoma,Geneva,sans-serif; font-size: 12px; text-align: -webkit-auto;">- Effort to transition and process <span style="background-color: rgba(255,255,255,0.921569); color: #4d4d4d; display: block; font-family: Tahoma,Geneva,sans-serif; font-size: 12px; text-align: -webkit-auto;">-- Cut over all at once or staged <span style="background-color: rgba(255,255,255,0.921569); display: block; text-align: -webkit-auto;"><span style="color: #4d4d4d; font-family: Tahoma,Geneva,sans-serif;"> - Multiple trust anchors? Is this time to allow? <span style="background-color: rgba(255,255,255,0.921569); display: block; text-align: -webkit-auto;"><span style="color: #4d4d4d; font-family: Tahoma,Geneva,sans-serif; font-size: 12px;">- How do we test this set-up? <span style="background-color: rgba(255,255,255,0.921569); display: block; text-align: -webkit-auto;"><span style="color: #4d4d4d; font-family: Tahoma,Geneva,sans-serif; font-size: 12px;">- How do we roll-back if we need to? <span style="background-color: rgba(255,255,255,0.921569); color: #4d4d4d; display: block; font-family: Tahoma,Geneva,sans-serif; font-size: 12px; text-align: -webkit-auto;"> <span style="background-color: rgba(255,255,255,0.921569); color: #4d4d4d; display: block; font-family: Tahoma,Geneva,sans-serif; font-size: 12px; text-align: -webkit-auto;">Process <span style="background-color: rgba(255,255,255,0.921569); color: #4d4d4d; display: block; font-family: Tahoma,Geneva,sans-serif; font-size: 12px; text-align: -webkit-auto;">- Engage with some SMEs regarding the above topics <span style="background-color: rgba(255,255,255,0.921569); color: #4d4d4d; display: block; font-family: Tahoma,Geneva,sans-serif; font-size: 12px; text-align: -webkit-auto;"> <span style="background-color: rgba(255,255,255,0.921569); color: #4d4d4d; display: block; font-family: Tahoma,Geneva,sans-serif; font-size: 12px; text-align: -webkit-auto;">

1. Please join my meeting: https://www.freescreensharing.com/meetings/107-732-632 2. Join the conference call: Dial: <span class="skype_pnh_print_container_1345221526">1-559-726-1300 <span class="skype_pnh_container"><span class="skype_pnh_mark"> begin_of_the_skype_highlighting <span class="skype_pnh_highlighting_inactive_common"><span class="skype_pnh_textarea_span"><span class="skype_pnh_free_text_span">FREE <span class="skype_pnh_text_span">1-559-726-1300  <span class="skype_pnh_mark">end_of_the_skype_highlighting  and enter the Participant access code: 244828 followed by the # key. Additional Help: Joining the Conference - At the scheduled date and time of the online meeting, dial into the conference line and when prompted enter the access code followed by the pound key. Joining the Meeting - Click on the provided meeting link listed above. On the next page fill out your name and email address in the Join Meeting box. Once filled in, click on the Join Meeting button. OR Go to https://www.freescreensharing.com/ and fill in your name, email address and meeting ID (listed under Meeting ID above) fields in the Join Meeting login box. Once filled in, click on the Join Meeting button. Thank you for using FreeScreenSharing.com!

Purpose
This team's purpose is to maintain the below-listed work products, accept input from stakeholders, arbitrate and facilitate discussions, periodically publish updates (as needed), answer inquiries regarding this domain, accept and process new relevant work items.

**Work Products**
This workgroup is responsible for the following specifications, documents, Wiki pages, and packages: Authorization Framework Specification Nationwide Health Information Network Exchange Security FAQ Draft IEPD Nationwide Health Information Network Exchange Documentation Guidelines

Team Process
Security and Privacy Workgroup Weekly Web Meeting Security and Privacy Workgroup Process Security and Privacy Workgroup Backlog

**Work in Progress**
Prioritization of open issues for summer spec release
 * Refactor Authorization Framework Specification
 * TLS Encryption Clarification
 * CORE Phase II Current Profile Documentation
 * Transport Encryption WSDL Policy Statements
 * XML-Dig
 * Port Assignment
 * Final Rule MU
 * Testing Team Issues
 * Confidentiality Code
 * x.509 Certificate Clarifications
 * SAML <Subject> Usage inside <Evidence> and <Advice> Elements
 * Authorization Framework Changes
 * SAML Header Diagram
 * Adding ATNA and XUA to Specifications

Meetings

 * ~ Date ||~ Time ||~ Location ||~ Topic(s) ||~ Agenda/Minutes ||
 * 2012-02-03 || 2:00pm - 3:00pm EDT || T-con || NwHIN CP (Certificate Policies) document || 2012 Q1 Page ||
 * 2012-01-06 || 12:00pm-1:00pm EDT || T-con || <Subject> SAML 2.0 issue #6 working session. Issues #170, #171, new topic: NwHIN CP (Certificate Policies) document. Test team artifacts. Google issue tracker / FAQ updates. || 2012 Q1 Page ||
 * 2011-12-16 || 12:00pm-1:00pm EDT || T-con || <Subject> SAML 2.0 issue #6 working session. Issues #170, #171, new topic: NwHIN CP (Certificate Policies) document. || 2011 Q4 Page ||
 * 2011-11-04 || 12:00pm-1:00pm EDT || T-con || <Subject> SAML 2.0 issue #6 working session. Issues #170, #171. || 2011 Q4 Page ||
 * 2011-10-28 || 12:00pm-1:00pm EDT || T-con || <Subject> SAML 2.0 issue #6 working session. Issues #170, #171. || 2011 Q4 Page ||
 * 2011-10-21 || 12:00pm-1:00pm EDT || T-con || <Subject> SAML 2.0 issue #6 working session. || 2011 Q4 Page ||
 * 2011-10-14 || 12:00pm-1:00pm EDT || T-con || No meeting 2011-10-14 || 2011 Q4 Page ||
 * 2011-10-07 || 12:00pm-1:00pm EDT || T-con || <Subject> SAML 2.0 issue #6 working session. || 2011 Q4 Page ||
 * 2011-09-30 || 12:00pm-1:00pm EDT || T-con || <Subject> SAML 2.0 issue #6 working session. || 2011 Q3 Page ||
 * 2011-09-16 || 12:00pm-1:00pm EDT || T-con || <Subject> SAML 2.0 issue #6 working session. || 2011 Q3 Page ||
 * 2011-09-09 || 12:00pm-1:00pm EDT || T-con || <Subject> SAML 2.0 issue #6 working session. || 2011 Q3 Page ||
 * 2011-08-19 || 12:00pm-1:00pm EDT || T-con || No call today. || 2011 Q3 Page ||
 * 2011-07-22 || 12:00pm-1:00pm EDT || T-con || Discuss updates to AF spec. || 2011 Q3 Page ||
 * 2011-07-15 || 12:00pm-1:00pm EDT || T-con || RI, TT issues. Decision meeting to vote on the summer AF spec and associated working session. || 2011 Q3 Page ||
 * 2011-07-11 || 11:00am-12:00pm EDT || T-con || RI, TT issues. Decision meeting to vote on the summer AF spec. || 2011 Q3 Page ||
 * 2011-07-01 || 12:00pm-1:00pm EDT || T-con || RI, TT issues. Work on the summer production spec package release. || 2011 Q3 Page ||
 * 2011-06-24 || 12:00pm-1:00pm EDT || T-con || RI, TT issues. Work on the summer production spec package release. || 2011 Q2 Page ||
 * 2011-05-13 || 12:00pm-1:00pm EDT || T-con || Coordinating committee presentation review, RI, TT issues. Work on the summer production spec package release. || 2011 Q2 Page ||
 * 2011-04-29 || 12:00pm-1:00pm EDT || T-con || Brief discussion of new Spec Modularization and RI Consent Repo projects. Prioritization of summer production spec package release. || 2011 Q2 Page ||
 * 2011-04-22 || 12:00pm-1:00pm EDT || T-con || Prioritization of summer production spec package release. || 2011 Q2 Page ||
 * 2011-04-18 || 11:00am-12:00pm EDT || T-con || Prioritization of summer production spec package release. || 2011 Q2 Page ||
 * 2011-04-08 || 12:00pm-1:00pm EDT || T-con || Blocking RI team and Test Team issues. Disposition of issue #5. || 2011 Q2 Page ||
 * 2011-04-01 || 12:00pm-1:00pm EDT || T-con || Blocking RI team and Test Team issues. Disposition of issue #5. || 2011 Q2 Page ||
 * 2011-03-25 || 12:00pm-1:00pm EDT || T-con || Blocking RI team issues, Final disposition of issues 1 and 46. || 2011 Q1 Page ||
 * 2011-03-18 || 12:00pm-1:00pm EDT || T-con || Aegis team SAML versions issues, Blocking RI team issues, Blocking TT issues, Final disposition of issues list items 1, 2, 5, and 39. || 2011 Q1 Page ||
 * 2011-03-14 || 11:00am-12:00am EDT || T-con || No meeting. ||  ||
 * 2011-03-11 || 12:00am-1:00pm EDT || T-con || Issue triage/disposition. New Auth Framework changes page. || 2011 Q1 Page ||
 * 2011-03-04 || 12:00am-1:00pm EDT || T-con || Addressing new Aegis SAML version issues, issues number 1, 2, 5, 39. || 2011 Q1 Page ||
 * 2011-02-18 || 11:00am-12:00pm EDT || T-con || Specification refactoring meeting. Final Q1 2011 package refinements. || 2011 Q1 Page ||
 * 2011-02-18 || 10:00am-11:00am EDT || T-con || No meeting today due to HIMSS. || 2011 Q1 Page ||
 * 2011-02-18 || 10:00am-11:00am EDT || T-con || No meeting today due to HIMSS. || 2011 Q1 Page ||
 * 2011-02-04 || 10:00am-11:00am EDT || T-con || TT and RI team issues, TLS text. || 2011 Q1 Page ||
 * 2011-01-28 || 10:00am-11:00am EDT || T-con || TT and RI team issues, TLS text. || 2011 Q1 Page ||
 * 2011-01-21 || 10:00am-11:00am EDT || T-con || CONNECT || 2011 Q1 Page ||
 * 2011-01-10 || 10:00am-11:00am EDT || T-con || NIEM packaging meeting. Used meeting to discuss Security and Privacy Test Team issues || 2011 Q1 Page ||
 * 2011-01-03 || 10:00am-11:00am EDT || T-con || NIEM packaging meeting. Reviewed new v3 package. || 2011 Q1 Page ||
 * 2010-12-27 || 10:00am-11:00am EDT || T-con || Announcements. AF doc updates. Blocking issues (if any) Reference Implementation and Testing Teams. || 2010 Page ||
 * 2010-12-17 || 10:00a-11:00am EDT || T-con || AF doc updates. Blocking issues (if any) Reference Implementation and Testing Teams. Schedule for remainder of 2010 || 2010 Page ||
 * 2010-12-10 || 10:00am-11:00am EDT || T-con || AF doc updates. New issues from Reference Implementation and Testing Teams. Schedule for remainder of 2010. || 2010 Page ||
 * 2010-12-03 || 10:00am-11:00am EDT || T-con || SAML <Subject>, AF doc updates, New issues, TLS draft text, Call for sub work to finish putting docs in new template. RI team blocking issues. Updates to the progress of prior changes (port assignment, confidentiality code, purposeofuse). || 2010 Page ||
 * 2010-11-26 ||= n/a || n/a || No meeting today (holiday) || n/a ||
 * 2010-11-19 || 10:00am-11:00am EDT || T-con || SAML <Subject>, new AF docs || 2010 Page ||
 * 2010-11-12 || 10:00am-11:00am EDT || n/a || No call today (holiday + IHE meeting) || 2010 Page ||
 * 2010-11-05 || 10:00am-11:00am EDT || T-con || Subject attribute blocking issue for testing, esMD TLS NIST issue, new Auth Framework template, confidentiality code draft test, port number draft text || 2010 Page ||
 * 2010-11-01 || 10:00am-11:00am EDT || T-con ||  || 2010 Page ||

Workgroup Members
Workgroup Chair: Eric Heflin ONC Representatives: Richard Kernan, <span style="border-collapse: separate; color: #000000; font: 13px/19px arial,helvetica,sans-serif; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">Amram Ewoo


 * ~ Name ||~ Organization(s) ||
 * Richard Kernan || ONC/HHS/Deloitte ||
 * Eric Heflin || Medicity/IHE ||
 * Thomas Davidson || SSA/Lockheed-Martin ||
 * John Moehrke || GE/IHE/HL7 ||
 * <span style="border-collapse: separate; color: #000000; font: 13px/19px arial,helvetica,sans-serif; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">Bob Yencha || ONC ||
 * <span style="border-collapse: separate; color: #000000; font: 13px/19px arial,helvetica,sans-serif; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">Chuck Hagen || ONC ||
 * <span style="border-collapse: separate; color: #000000; font: 13px/19px arial,helvetica,sans-serif; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">David Morris ||  ||
 * David Roberts || Wright State University ||
 * <span style="border-collapse: separate; color: #000000; font: 13px/19px arial,helvetica,sans-serif; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">Ed Monjay || ONC ||
 * <span style="border-collapse: separate; color: #000000; font: 13px/19px arial,helvetica,sans-serif; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">George Varghese ||  ||
 * <span style="border-collapse: separate; color: #000000; font: 13px/19px arial,helvetica,sans-serif; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">Jeff Peacock || KP ||
 * <span style="border-collapse: separate; color: #000000; font: 13px/19px arial,helvetica,sans-serif; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">Jeff Tunkel ||  ||
 * <span style="border-collapse: separate; color: #000000; font: 13px/19px arial,helvetica,sans-serif; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">Joe Lamy ||  ||
 * <span style="border-collapse: separate; color: #000000; font: 13px/19px arial,helvetica,sans-serif; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">John Donnelly || IntePro Solutions ||
 * <span style="border-collapse: separate; color: #000000; font: 13px/19px arial,helvetica,sans-serif; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">Laure Tull || Anakam ||
 * <span style="border-collapse: separate; color: #000000; font: 13px/19px arial,helvetica,sans-serif; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">Sandy Stuart || KP ||
 * <span style="border-collapse: separate; color: #000000; font: 13px/19px arial,helvetica,sans-serif; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;">Scott Robertson || KP ||
 * Wendy Laposata ||  ||
 * Wendy Laposata ||  ||

Links to This Page (Backlinks)
include component="backlinks" page="Security and Privacy Team" limit="10"