Public Sector Profile of the Pan-Canadian Trust Framework Version 1.0 Recommendation Draft — Now available on GitHub

  • In January 2019, weekly IMSC PCTF working group calls were established. Work-in-progress material was circulated on a regular basis.
  • On February 26th, 2019, the IMSC met in person to discuss the ongoing work of the PCTF.
  • On March 28th, 2019, the IMSC PCTF Version 1.0 Document Version 0.4 Consultation Draft was released.
  • During the period (March 28 to present), we received almost 300 comments, which we have reviewed and disposed in the recommendation draft.
  1. Evolution of the Identity Management Sub-Committee (IMSC) efforts. Over the past year we have iterated the PCTF based on testing with provincial pilots. This document reflects our iteration and learnings.
  2. The Need to Apply the PCTF for Assessments. We have completed a provincial assessment and we are now undertaking another. For assessment purposes, we need to stabilize the PCTF as quickly as possible. We believe this version attached (and the associated worksheet) is sufficient to conduct an rigorous and transparent assessment process. While we recognize that we will continue to learn and adjust the PCTF, what we have now is of sufficient clarity for assessment. For additional rigour, the conformance criteria can now be entered into a requirements management tool, and into a proper change management process.
  3. Policy Alignment. The new Treasury Board Directive on Identity Management is now in force. This new directive, a major driver for the federal government, has new policy requirements based on the collaborative work the IMSC has done, dating back to what was agreed to in April 2016 as key digital identity concepts. The Government of Canada is now executing against these new requirements, anticipating that the PCTF would become the key enabler for formalizing the assessment process for accepting trusted digital identity.
  • This recommendation draft (v0.6) is greatly improved based on the comments we received on the consultation draft (v0.5). In total we received and disposed of 83 comments, which resulted in substantive changes or were noted as work going forward in Appendix D: Thematic Issues. At our next call we will discuss how to address the thematic issues going forward.
  • It is our opinion, that this recommendation draft is of sufficient detail and clarity to conduct the assessment process for accepting trusted digital identities of persons (which is currently underway in several jurisdictions). The attached spreadsheet, is the tool to carry out the assessment process. It should be noted that this tool remains a work-in-progress and changes are being informed by assessment process. Further, this tool is being used to test out the PCTF in the international context, as we have several partners interested in applying what we developed in Canada.
  • During this final iteration we have been diligent in ensuring that in addition to persons, organizations is incorporated comprehensively into the framework. As such, discussions, and definitions have been changed to reflect the broader scope to include organizations and relationships.
  1. To develop a recommendation statement that we, as a working group and through consensus can provide to the Identity Management Sub-Committee (IMSC) for endorsement.
  2. To address the thematic issues in Appendix D of the recommendation draft. These issues essentially form the basis of the road map and efforts as a working group going forward.

Thematic Issue 1: Defining the PCTF

Thematic Issue 2: Including Organizations and Digital Relationships

Thematic Issue 3: The Evolving State of Credentials and Claims

Thematic Issue 4: Stakeholders, Roles, and Actors

Thematic Issue 5: Informed Consent

Thematic Issue 6: Scope of PCTF

Thematic Issue 7: Additional Detail

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Tim Bouma

Tim Bouma

Based in Ottawa. Does identity stuff. My tweets are my opinion but they can be yours too!