[TSG-Access-RD] My notes and feedback from this week's meetings

[Gavin Brown]

Just wanted to share the notes and feedback I captured during the
meetings this week. Some of this is direct feedback, some if it is stuff
I noted down as it occurred to me during the discussions:


CPH TechOps:

given:
- a thick registry
- data at ry and rar
- different disclosure practices at each
how to prevent "venue shopping"?

EPDP:

Multiple access servers (i.e. per jurisdiction?)
-	Different access policies per server?
-	Run by different orgs?

Single point of access (public and non-public) for user?

Clarify access gateway does not cache

RrSG:

add liability to assumptions

expand assumptions introduction

do we need to define (or assume a definition of) "non public" RD?

change consideration re liability to be general, i.e assumptions should
be challenged

work on use case #1

GAC:

include diagram from next steps slides

"public identity providers" SHOULD NOT/MUST NOT be used?

NCSG:

Notification to data subject - system allows it but state it explicitly

Complaints - handling of incorrect disclosure

Logging and metadata at the idp and authorisation service

-- 
Gavin Brown
CentralNic Group plc (LSE:CNIC)
https://www.centralnicgroup.com/
+44.7548243029

CentralNic Group plc is a company registered in England and Wales with
company number 8576358. Registered Offices: 35-39 Moorgate, London,
EC2R 6AR.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://mm.icann.org/pipermail/tsg-access-rd/attachments/20190313/7718a699/signature.asc>