assurance - RE: [Assurance] Remote proofing?
Subject: Assurance
List archive
- From: "Roy, Nicholas S" <>
- To: "" <>
- Subject: RE: [Assurance] Remote proofing?
- Date: Thu, 31 May 2012 17:38:18 +0000
- Accept-language: en-US
One other thing occurred to me last night as I was thinking about Michael
Gettes' extremely elegant solution to this problem -
The types of countries where you might not be able to expect someone to be
able to travel to a US consular office to use their notary services are also
probably the same countries where you'd have to worry about lack of bandwidth
or lack of access to it in order to enable a video conference. I have family
that frequently works in west Africa and know this to be a problem in that
part of the world.
Nick
-----Original Message-----
From:
[mailto:]
On Behalf Of Dunker, Mary
Sent: Thursday, May 31, 2012 10:01 AM
To:
''
Subject: RE: [Assurance] Remote proofing?
Thank you, Ann!
Mary
-----------------------------------------------------------------
Mary Dunker
Director, Secure Enterprise Technology Initiatives
Virginia Tech Information Technology
1700 Pratt Drive
Blacksburg, VA 24060
540-231-9327
--------------------------------------------------------------------
-----Original Message-----
From:
[mailto:]
On Behalf Of Ann West
Sent: Thursday, May 31, 2012 10:46 AM
To:
Subject: Re: [Assurance] Remote proofing?
Thanks Mark...
I've created a wiki page for folks to add their resource documents. I've
linked in Nick's blog, the AACRAO/InC article, US Consular's process, MRG's
suggestions, and Mark's docs.
Please add references you're using and your process ideas to:
https://spaces.internet2.edu/display/InCAssurance/Remote-Proofing+Approaches
Ann
----- Original Message -----
> UTHealth is already doing the first part of what Nick is suggesting.
> http://www.uth.tmc.edu/netcenter/security/notary-process.htm
>
> There are two documents linked at the above URL. The most interesting
> is likely:
> http://www.uth.tmc.edu/netcenter/security/notary-verify.docx
>
>
> -----Original Message-----
> From:
>
> [mailto:]
> On Behalf Of Ann West
> Sent: Thursday, May 31, 2012 8:56 AM
> To:
>
> Subject: Re: [Assurance] Remote proofing?
>
> Mark,
>
> I think starting with Nick's blog as background is a good idea. For
> the details of the discussion, I'd check the list archive.
>
> InCommon Student and AACRAO did a survey of distance education
> admissions officers and wrote up the results in an article:
> http://www.aacrao.org/Files/Publications/CUJ8703_WEB.pdf (See page
> 59.) There's a nice explanation of what remote proofing is and why
> it's necessary (thanks to Keith Hazelton) in addition to the results
> (which are depressing). This article might be a good place to start
> for definition of terms (and the state of current art and
> understanding).
>
> Thoughts on other documents to include as background?
>
> Ann
>
> ----- Original Message -----
> >
> > Ann et al.:
> >
> > I am kinda jumping in late. Did the features/options of this thread
> > get captured somewhere in the assurance wiki or is the best place to
> > point folks who might want to attend the call Nick's blog post?
> >
> > Just curious?
> >
> > Mark
> >
> >
> > ------------------------------------------
> > Mark Rank - IAM Program Manager
> > Middleware and Identity Management Group University Information
> > Technology Services UW-Milwaukee
> > Email:
> >
> > Phn: 414-229-3706
> > ------------------------------------------
> >
> > ----- Original Message -----
> > From: "Ann West"
> > <>
> > To:
> >
> > Sent: Wednesday, May 30, 2012 3:01:50 PM
> > Subject: Re: [Assurance] Remote proofing?
> >
> > Ok. Thanks all!
> >
> > Those that are interested should join the Assurance call on
> > Wednesday June 6, and we'll talk about next steps.
> >
> > Ann
> >
> > ----- Original Message -----
> >
> > > I'm in.
> >
> > > David
> >
> > > "Michael R. Gettes"
> > > <>
> > > wrote:
> > > > me 3
> > >
> >
> > > > /mrg
> > >
> >
> > > > On May 30, 2012, at 15:32, Roy, Nicholas S wrote:
> > >
> >
> > > > > Me as well.
> > >
> > > > >
> > >
> > > > > Nick
> > >
> > > > >
> > >
> > > > > -----Original Message-----
> > >
> > > > > From:
> > > > >
> > > > >
> > > > > [mailto:]
> > > > > On Behalf Of
> > > > > Lovaas,Steven
> > >
> > > > > Sent: Wednesday, May 30, 2012 2:30 PM
> > >
> > > > > To:
> > > > >
> > >
> > > > > Subject: RE: [Assurance] Remote proofing?
> > >
> > > > >
> > >
> > > > > I'd also be interested in helping with this.
> > >
> > > > >
> > >
> > > > > Steve
> > >
> > > > >
> > >
> > > > >
> > >
> > > > > ========================
> > >
> > > > > Steven Lovaas
> > >
> > > > > IT Security Manager
> > >
> > > > > Colorado State University
> > >
> > > > >
> > >
> > > > > 970-297-3707
> > >
> > > > > ========================
> > >
> > > > >
> > >
> > > > >
> > >
> > > > >
> > >
> > > > > -----Original Message-----
> > >
> > > > > From:
> > > > >
> > >
> > > > [mailto:]
> > > > On Behalf Of Bradner,
> > > > Scott
> > >
> > > > > Sent: Wednesday, May 30, 2012 1:18 PM
> > >
> > > > > To:
> > > > > <>
> > >
> > > > > Subject: Re: [Assurance] Remote proofing?
> > >
> > > > >
> > >
> > > > > I'm interested
> > >
> > > > >
> > >
> > > > > Scott
> > >
> > > > >
> > >
> > > > > Scott Bradner
> > >
> > > > >
> > >
> > > > > Harvard University Information Technology Innovation &
> > > > > Architecture
> > >
> > > > > +1 617 495 3864
> > >
> > > > > 29 Oxford St., Room 407
> > >
> > > > > Cambridge, MA 02138
> > >
> > > > > www.harvard.edu/huit
> > >
> > > > >
> > >
> > > > >
> > >
> > > > >
> > >
> > > > >
> > >
> > > > >
> > >
> > > > > On May 30, 2012, at 3:10 PM, Ann West wrote:
> > >
> > > > >
> > >
> > > > >> If there's interest in convening a collaboration group to
> > > > >> develop some recommendations on this topic, just let me know.
> > > > >> Happy to help with the phone bridge, wiki page, doodle polls,
> > > > >> etc.
> > >
> > > > >>
> > >
> > > > >> A good meaty thing to tackle, if you ask me.
> > >
> > > > >>
> > >
> > > > >>
> > >
> > > > ;
> > >
> > > > Ann
> > >
> > > > >>
> > >
> > > > >> Not saying dealing with people in other countries is not a
> > > > >> problem,
> > >
> > > > >> but I found this while trying to educate myself:
> > >
> > > > >> http://travel.state.gov/law/judicial/judicial_2086.html
> > >
> > > > >>
> > >
> > > > >>
> > >
> > > > >> From:
> > > > >>
> > >
> > > > >> [mailto:]
> > > > >> On Behalf Of Michael
> > > > >> R.
> > > > >> Gettes
> > >
> > > > >> Sent: Wednesday, May 30, 2012 1:58 PM
> > >
> > > > >> To:
> > > > >> <>
> > >
> > > > >> Subject: Re: [Assurance] Remote proofing?
> > >
> > > > >>
> > >
> > > > >> aren't we all assuming a perfect world where the world we
> > > > >> need is "good enough"? and, have you tried to present an ID
> > > > >> via video conf? Frankly, it looks pretty good.
> > > > >> Additionally, I have the problem of dealing with people from
> > > > >> other countries so Notary is problematic there.
> > >
> > > > >>
> > >
> > > > >> /mrg
> > >
> > > > >>
> > >
> > > > >> On May 30, 2012, at 14:54, Roy, Nicholas S wrote:
> > >
> > > > >>
> > >
> > > > >>
> > >
> > > > >> This is a good point, Jacob- the validity of the documents
> > > > >> would be harder to determine via video link. I think this
> > > > >> might be a benefit to having a notary look at the documents,
> > > > >> if that's something they are trained to do.
> > >
> > > > >>
> > >
> > > > >> Nick
> > >
> > > > >>
> > >
> > > > >> From:
> > > > >>
> > >
> > > > >> [mailto:]
> > > > >> On Behalf Of Farmer,
> > > > >> Jacob
> > >
> > > > >> Sent: Wednesday, May 30, 2012 10:58 AM
> > >
> > > > >> To:
> > > > >>
> > >
> > > > >> Subject: RE: [Assurance] Remote proofing?
> > >
> > > > >>
> > >
> > > > >> When it has come up at IU, one of the major concerns has been
> > > > >> our ability to tell if the ID has been altered over the video
> > > > >> link.
> > > > >> Granted, we are not likely to catch a good fake ID even if
> > > > >> it's presented in person, but it seems like we could very
> > > > >> well miss a poorly altered ID over the video conferen
> > >
> > > > ce
> > >
> > > > link.
> > >
> > > > >>
> > >
> > > > >> Jacob
> > >
> > > > >>
> > >
> > > > >> From:
> > > > >>
> > >
> > > > >> [mailto:]
> > > > >> On Behalf Of David
> > > > >> Walker
> > >
> > > > >> Sent: Wednesday, May 30, 2012 11:53 AM
> > >
> > > > >> To:
> > > > >>
> > >
> > > > >> Subject: Re: [Assurance] Remote proofing?
> > >
> > > > >>
> > >
> > > > >> I like this general approach. It also raises the question of
> > > > >> whether a video conference link should be considered remote
> > > > >> or local. Clearly, it's geographically remote, but the risks
> > > > >> and the proofing process are much more like local proofing.
> > >
> > > > >>
> > >
> > > > >> Has anyone implemented identity proofing based on video
> > > > >> conferencing? I've heard it discussed before, but I'm not
> > > > >> aware of actual implementations.
> > >
> > > > >>
> > >
> > > > >> David
> > >
> > > > >>
> > >
> > > > >> On Tue, 2012-05-29 at 19:11 +0000, Michael R. Gettes wrote:
> > >
> > > > >>
> > >
> > > > >> I've been mulling this over for some time.
> > >
> > > > &
> > >
> > > > gt;>
> > >
> > > > >> Here are my thoughts on a Remote Proofing process we are now
> > > > >> mulling over at CMU.
> > >
> > > > >>
> > >
> > > > >> There are parts in here to address some CMU problems of
> > > > >> issuing 2nd-factor tokens - but you could take that out of
> > > > >> the flow and it still is viable.
> > >
> > > > >>
> > >
> > > > >> The IDProof App has yet to be written.
> > >
> > > > >>
> > >
> > > > >> /mrg
> > >
> > > > >>
> > >
> > > > >> Version 1.0
> > >
> > > > >>
> > >
> > > > >> Actor = Person to be Identity-Proofed
> > >
> > > > >> Proofer = Doh! Could be any full-time CMU staff person
> > > > >> appropriately authorized? Could be Help Center staff?
> > >
> > > > >>
> > >
> > > > >> It is assumed the Actor has already been issued an Andrew ID
> > > > >> -
> > > > >> or
> > > > >> must we define this process too?
> > >
> > > > >>
> > >
> > > > >> 0. Actor and Proofer agree upon method of Video Conference
> > > > >> (FaceTime,
> > >
> > > > >> Google Voice Video, Skype, others?)
> > >
> > > > >>
> > >
> > > > >> 1. Actor independently obtains physical FOB or downloads soft
> > > > >> FOB
> > >
> > > > >
> > >
> > > > ;>
> > >
> > > > >> 2. Proofer independently accesses ID-Proof Web App in a
> > > > >> "Proofer"
> > > > >> role
> > >
> > > > >>
> > >
> > > > >> 3. Proofer establishes VC with Actor.
> > >
> > > > >> a. It is most optimal if someone the Proofer knows is with
> > > > >> the
> > > > >> Actor as a "chain of custody".
> > >
> > > > >>
> > >
> > > > >> 4. Actor presents to Proofer Official Photo ID - holding it
> > > > >> up
> > > > >> to
> > > > >> the camera.
> > >
> > > > >> a. Proofer verifies photo matches actor's face b. Proofer
> > > > >> records ID
> > >
> > > > >> Type, Issuer, ID number into ID-Proof Web App c. Actor
> > > > >> provides
> > >
> > > > >> AndrewID - Proofer validates AndrewID matches Actor d.
> > > > >> Possibility of
> > >
> > > > >> obtaining digital photo capture of Actor in VC e. If a
> > > > >> "custodian"
> > >
> > > > >> (see 3a) is present, record custodian AndrewID.
> > >
> > > > >>
> > >
> > > > >> 5. Process FOB
> > >
> > > > >> a. Proofer records Actor's FOB # and AndrewID into ID-Proof
> > > > >> Web
> > > > >> App
> > >
> > > > >> b. Proofer enables Actor's FOB
> > >
> > > > >>
> > >
> > > > >> 6. Actor verifies
> > >
> > > > authentication and access a. Actor accesses ID-Proof
> > >
> > > > >> Web App and login as normal user Actor authenticates using
> > > > >> Shib
> > > > >> SSO
> > >
> > > > >> and then uses FOB authN on ID-Proof page.
> > >
> > > > >> b. Actor is presented with a 6 character KEY c. Actor reads
> > > > >> KEY
> > > > >> to
> > >
> > > > >> Proofer d. Proofer validates the Actor's KEY with KEY on
> > > > >> Proofer's
> > >
> > > > >> ID-Proof page.
> > >
> > > > >> e. repeat a-d until success
> > >
> > > > >>
> > >
> > > > >> 7. Proofer approves Actor in ID-Proof Web App
> > >
> > > > >>
> > >
> > > > >> 8. End Video Conference
> > >
> > > > >>
> > >
> > > > >> 9. Proofer authorization
> > >
> > > > >> a. If Proofer has privilege to authorize then modify
> > > > >> accordingly.
> > >
> > > > >> b. If not (9a) then Proofer notifies official authorizers
> > > > >> ID-Proof steps completed and provides AndrewID and Name to
> > > > >> Authorizers. Authorizers modify accordingly.
> > >
> > > > >>
> > >
> > > > >> Done.
> > >
> > > > >>
> > >
> > > > >>
> > >
> > > > >>
> > >
> > > > >
> > >
> >
>
- Re: [Assurance] Remote proofing?, (continued)
- Re: [Assurance] Remote proofing?, David Walker, 05/30/2012
- Re: [Assurance] Remote proofing?, Ann West, 05/30/2012
- RE: [Assurance] Remote proofing?, Herrington, Karen, 05/31/2012
- Re: [Assurance] Remote proofing?, Ann West, 05/31/2012
- Re: [Assurance] Remote proofing?, Mark John Rank, 05/31/2012
- Re: [Assurance] Remote proofing?, Ann West, 05/31/2012
- Re: [Assurance] Remote proofing?, Mark John Rank, 05/31/2012
- RE: [Assurance] Remote proofing?, Jones, Mark B, 05/31/2012
- Re: [Assurance] Remote proofing?, Ann West, 05/31/2012
- RE: [Assurance] Remote proofing?, Dunker, Mary, 05/31/2012
- RE: [Assurance] Remote proofing?, Roy, Nicholas S, 05/31/2012
- Re: [Assurance] Remote proofing?, Bradner, Scott, 05/30/2012
- RE: [Assurance] Remote proofing?, Roy, Nicholas S, 05/30/2012
- Re: [Assurance] Remote proofing?, Michael R. Gettes, 05/30/2012
- RE: [Assurance] Remote proofing?, Roy, Nicholas S, 05/29/2012
- Re: [Assurance] Remote proofing?, Bradner, Scott, 05/29/2012
- RE: [Assurance] Remote proofing?, Jones, Mark B, 05/29/2012
- Re: [Assurance] Remote proofing?, Michael R. Gettes, 05/29/2012
- Re: [Assurance] Remote proofing?, Bradner, Scott, 05/29/2012
Archive powered by MHonArc 2.6.16.